Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Release notes

SafeNet Agent for FreeRADIUS

search
printsuggest an edit

SafeNet Agent for FreeRADIUS

RELEASE NOTES

copy link to clipboardVersion Number: 3.3.2

Customer Release Notes (CRN) - This document describes capabilities, resolved issues, limitations, and known issues for different product releases.

copy link to clipboardProduct Description

FreeRADIUS is a customizable, open-source RADIUS server that receives authentication data using the RADIUS protocol (a protocol running over IP/UDP or IP/TCP). The SafeNet Agent for FreeRADIUS is a highly secure, enterprise authentication agent that enables RADIUS clients to communicate with the SafeNet server using the RADIUS protocol.

copy link to clipboardRelease Description

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.3.2

copy link to clipboardPython Upgrade

Since Python 2 has reached its official end-of-life, the FreeRADIUS agent component code has now been migrated to Python 3.

copy link to clipboardSecurity Improvement

This release introduces some security improvements for the most secure version of SafeNet Agent for FreeRADIUS.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.3.1

The SafeNet Agent for FreeRADIUS v3.3.1 introduces the following feature and resolves a customer-reported issue.

copy link to clipboardLDAP Secure

The SafeNet Agent for FreeRADIUS v3.3.1 release provides support for LDAP Secure (LDAPS) connection to the LDAP server.

This enables the agent to connect to the LDAP server for user authentication over a secure channel, ensuring that the communication between FreeRADIUS and the LDAP server is encrypted and safe.

copy link to clipboardThalesdocs

The SafeNet Agent for FreeRADIUS documentation is now online at https://thalesdocs.com/sta/agents/freeradius/index.html. In future versions, the documentation will only be available on Thalesdocs. PDFs will no longer be a part of the subsequent releases.

copy link to clipboardResolved Issues

Issue Synopsis
SAS-68180 The FreeRADIUS mount issue is now resolved and documented.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.3.0

The SafeNet Agent for FreeRADIUS v3.3.0 introduces Podman support and resolves a customer-reported issue.

copy link to clipboardPodman

The SafeNet Agent for FreeRADIUS v3.3.0 now supports the agent deployment on the Podman platforms. It enables users to take advantage of its security, flexibility, and performance, along with the existing Docker compatibility.

For more details, refer to the SafeNet FreeRADIUS Agent Install Config Guide here.

copy link to clipboardAdded Operating System

The agent is now compatible with Red Hat Enterprise Linux 9.4, CentOS 9, and Ubuntu 22.04. For supported platforms, click here.

copy link to clipboardResolved Issues

Issue Synopsis
SAS-47272 FreeRADIUS agent deployment script FreeRADIUSv3.sh does not accept spaces in AD attributes. This issue is now resolved.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.2.1

The SafeNet Agent for FreeRADIUS v3.2.1 includes new features listed below:

copy link to clipboardAdded user agent header to comply with GWAF security rules

The reversed proxy GWAF requires HTTP requests to include the User-Agent header in compliance with RFC 7231, Section 5.5.3. Necessary changes have been made in accordance with this requirement.

copy link to clipboardAdded stats to RADIUS requests

RADIUS servers are deployed to capture details regarding incoming traffic. This includes information on the amount of processed traffic, the number of dropped packets, as well as the counts for duplicate and conflicting packets sent.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.2.0

The SafeNet Agent for FreeRADIUS v3.2.0 includes new features and resolves a customer-reported issue.

copy link to clipboardFreeRADIUS Agent support for on-prem password validation.

Support for on-prem password validation using concatenated LDAP+OTP as a single field Password for the Authentication. This has been added to enhance security during authentication. Please refer SafeNet FreeRADIUS Agent Install Config Guide here, for prerequisites and other details.

copy link to clipboardSupport for Silent response in case if SafeNet Server is not reachable.

Support for a silent response when SafeNet server is not reachable, this will help customers to switch to failover/secondary SafeNet servers. Instead of authentication failure, it will show the “No response from the server ”. Please refer SafeNet FreeRADIUS Agent Install Config Guide here, for prerequisites and other details.

copy link to clipboardResolved Issues

Issue Synopsis
SAS-41855 UTF8 encoding is now supported with MS-CHAPv2.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.1.1

The SafeNet Agent for FreeRADIUS v3.1.1 resolves some customer-reported issues.

copy link to clipboardResolved Issues

Issue Synopsis
SAS-37881 The special characters with UTF encoding are now supported in the AD password.
SAS-36432 The FreeRADIUS Agent installer now does not display the private key to its users in the system.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.1

The SafeNet Agent for FreeRADIUS v3.1 includes a new feature and resolves a known issue.

copy link to clipboardSupport for Protected Extensible Authentication Protocol

Support for Protected Extensible Authentication Protocol (PEAP) is now added for enhanced security during the authentication.

copy link to clipboardRelease Summary – SafeNet Agent for FreeRADIUS 3.0

The SafeNet Agent for FreeRADIUS 3.0 is a new agent that allows to authenticate against the FreeRADIUS server version 3.0. The new agent is different in technology (it is deployed inside a docker container), and the outcome is far more robust and secure than the previous agent.

Earlier, the agent had three separate components; FreeRADIUS Agent, FreeRADIUS Updater and FreeRADIUS Server. All three components needed to be installed and configured for the agent solution to work.

The new SafeNet Authentication Service Agent for FreeRADIUS 3.0 is deployed using a simple shell script. The script, based on parameter inputs from the end user, helps in quick, hassle-free agent installation and upgrades.

copy link to clipboardKnown Issues

The following table provides a list of known issues as of the latest release.

Issue Synopsis
SAS-72938 Summary: While authenticating with the agent, extra error logs displays in the Message-Authenticator string of NTRadPing Test Utility.
Workaround: None, it will be fixed in a future release.
SAS-46280 Summary: Few special characters (for example, ü, €) are not supported with UTF encoding.
Workaround: None, it will be fixed in a future release.

copy link to clipboardCompatibility

The information in this document applies to:

copy link to clipboardSafeNet Servers

  • SafeNet Authentication Service PCE/SPE 3.13 and later (SAS)

  • SafeNet Trusted Access (STA)

copy link to clipboardSupported Platforms

copy link to clipboardDocker

  • Red Hat Enterprise Linux 8.3

  • Red Hat Enterprise Linux 9.4

  • CentOS 9

  • Ubuntu 22.04

Podman

  • Red Hat Enterprise Linux 8.3

  • Red Hat Enterprise Linux 9.4

copy link to clipboardSupported FreeRADIUS Versions

  • FreeRADIUS server version 3.x and above

On this page