cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
590
Views
0
Helpful
4
Replies

ISE RADIUS proxy - strip password

gacs
Cisco Employee
Cisco Employee

Hi Team, 

 

Using ISE as a RADIUS proxy, could we strip the password and send the remaining part

to the External RADIUS server and process the beginning of the password locally in ISE?

 

I do see, we can do it with username but our customer would like to manage

and cut the password in to pieces in ISE.

 

Thank You!

Best regards, Gyorgy 

1 Accepted Solution

Accepted Solutions

Surendra
Cisco Employee
Cisco Employee
ISE cannot manipulate the passwords for the sole reason that username and password are sent in one go and there is no provision to enter the password again.

If your requirement is to validate half the password in ISE and half the password in external server, that is against the RFC.

If your requirement is to strip some part of the password i.e., manipulate the password and send it to the external proxy, send the feedback to us at http://cs.co/ise-feedback with detailed use case and requirement.

View solution in original post

4 Replies 4

paul
Level 10
Level 10

What exactly are you trying to do?  What is the external RADIUS server ISE is sending to?

gacs
Cisco Employee
Cisco Employee

The other RADIUS server is a Google authenticator, OTP server. Can ISE "manipulate" the password at all in this RADIUS proxy feature?

Surendra
Cisco Employee
Cisco Employee
ISE cannot manipulate the passwords for the sole reason that username and password are sent in one go and there is no provision to enter the password again.

If your requirement is to validate half the password in ISE and half the password in external server, that is against the RFC.

If your requirement is to strip some part of the password i.e., manipulate the password and send it to the external proxy, send the feedback to us at http://cs.co/ise-feedback with detailed use case and requirement.

gacs
Cisco Employee
Cisco Employee

Thank You very much!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: