Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
arivet-AMER-FNAC-TAC
Staff
Staff

Created on ‎02-22-2024 06:12 AM Edited on ‎02-22-2024 06:21 AM By Community Manager

Article Id 300737

Technical Tip: HTML Characters in Radius Secret

Description This article describes that Radius secrets that use HTML characters must be saved via CLI.

Behavior is observed when a radius secret is entered with HTML characters such as the ampersand '&'.
Example Radius Secret: SuUA01&fTcLkyopnXQ
What gets saved: SuUA01&fTcLkyopnXQ


Logs on the devices expecting the correct secret will throw errors such as 'Invalid Authenticator' or 'Bad Secret' even though the user confirms the secret is the same on all devices.
Scope FortiNAC and FortiNAC-F v9.4.X and v7.2.5.
Solution

From the CLI of the device:

 

NACOS:

 

execute enter-shell

device -ip <deviceip> -setAttr -name RadiusSecret -value "radiussecret"

 

CentOS:

 

device -ip <deviceip> -setAttr -name RadiusSecret -value "radiussecret"

 

226
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.