General Discussion WAF with Reverse Proxy did't accept passwort with Certain characters

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 4 replies
Subscribers 6 subscribers
Views 922 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF with Reverse Proxy did't accept passwort with Certain characters

Sophos User695 over 3 years ago

Hello @all,

we using several WebSevers on UTM WAF with reverse Proxy and Active Directory Authenication.

If we using Passwords with characters like § the login failed and i can see on AD that i have one badPasswordTime.

Same Password is working without WAF

How can we solve that?

UTM Version: 9.706-9

Many Thank's

TheBob

This thread was automatically locked due to age.

Parents

0 BAlfson over 3 years ago

NOTE 02-AUG-2021: Please see my clarification below.

Hallo and welcome to the UTM Community!

In general, it's not a good idea to use special characters in passwords with UTM. Even umlauts cause problems in places.

You might open a case with Sophos Support to let them know of this issue for a potential fix in a future update.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 Sophos User695 over 3 years ago in reply to BAlfson

Our policy states that special characters must be used, the exclusion of certain special characters is not an option here, especially since this is very difficult to convey.
If all other systems can do this, why not the UTM?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Sophos User695 over 3 years ago in reply to BAlfson

Our policy states that special characters must be used, the exclusion of certain special characters is not an option here, especially since this is very difficult to convey.
If all other systems can do this, why not the UTM?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BAlfson over 3 years ago in reply to Sophos User695

Well, I didn't express myself very well. "Regular" non-alphanumeric characters should indeed be used in passwords. In UTM, using umlauts and other combined characters in account names or passwords can cause problems. Note that, in your original post, the section mark, §, is made with ampersandsect;.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel