This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF with Reverse Proxy did't accept passwort with Certain characters

Hello @all,

we using several WebSevers on UTM WAF with reverse Proxy and Active Directory Authenication.

If we using Passwords with characters like § the login failed and i can see on AD that i have one badPasswordTime.

Same Password is working without WAF

How can we solve that?

UTM Version: 9.706-9

Many Thank's

TheBob



This thread was automatically locked due to age.
  • NOTE 02-AUG-2021: Please see my clarification below.

    Hallo and welcome to the UTM Community!

    In general, it's not a good idea to use special characters in passwords with UTM.  Even umlauts cause problems in places.

    You might open a case with Sophos Support to let them know of this issue for a potential fix in a future update.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • But it is also not a good idea to not use special characters in passwords because they are weak then... :/

  • Our policy states that special characters must be used, the exclusion of certain special characters is not an option here, especially since this is very difficult to convey.
    If all other systems can do this, why not the UTM?

  • Well, I didn't express myself very well.  "Regular" non-alphanumeric characters should indeed be used in passwords.  In UTM, using umlauts and other combined characters in account names or passwords can cause problems.  Note that, in your original post, the section mark, §, is made with ampersandsect;.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA