I have a VPN 3015 concentrator and I am using the Cisco VPN client (v4.8). I am using Active Directory to authenticate users. I recently noticed that I can use any qualifier with the correct username/password and I will authenticate to the concentrator. For instance I could use the correct qualified domain name "mynetwork.edu\username" and autheticate, or I could make-up a domain, "whatever.com\username" and authenticate. Understand that I must have the correct username and password for AD. Is that qualifier being stripped somewhere before being passed to AD?
I have this problem too.