Showing results for 
Search instead for 
Did you mean: 

Parsing auth proxy config values have reserved charachters


I'm trying to set up a radius proxy on RHEL.
Is there any guidance on reserved characters, escaping or quoting non-alphanumeric values to be parsed from the configuration file?
One of the videos I watched indicated ; and # should not be used for values such as the secret because they are interpreted as the beginning of a comment.  I have confirmed the proxy works as expected when sticking with alpha-numeric secret, and that non-alphanumeric characters were usable when the endpoint points directly at the primary radius server.
I am primarily interested in the radius secret field, but also how the config parsing restrictions in general.

1 Reply 1

Cisco Employee
Cisco Employee

In addition to the comment characters # and ; (as mentioned here), also watch for commas in the user passwords, as that's the default delimiter character for appending passcodes or factors to a password in LDAP and some RADIUS configurations. We have occasionally seen issues with non-UTF8 characters in user passwords or secrets, which can be remedied by setting `pw_codec` in the cfg.

Feel free to search the Duo Knowledge Base for additional RADIUS answered questions.

Duo, not DUO.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links