08-09-2007 05:57 AM - edited 02-21-2020 10:18 AM
I see multiple attempts to connect to my VPN server. We have the server set up with group user name and passwords. It then authenticates the user to ACS. I see multiple login names from one IP: root, wireless, admin, and many many others. How can I add a dynamic rule to block this after so many attempts?
08-09-2007 07:10 AM
Hi,
So we are getting many hits in ACS from the same user? Please increase the RADIUS server timeout in the VPN server.
Regards,
~JG
08-09-2007 07:26 AM
Same IP, different users. They seem to be using some sort of name generator.
08-09-2007 07:43 AM
They shouldn't be getting that far. Doesn't that mean they have your group username and password or have acquired a .pcf file?
08-09-2007 07:54 AM
Yeah, exactly. Well, we just had some users leave. I was going to change the group name and password, but I also want to be able to deny IPs after so many attempts.
08-10-2007 04:49 AM
On ASA--->VPN--->General--->VPN System option--->enable: Limit the MAX number to active VPN IPSEC
Regards,
~JG
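The pattern described in this thread (one source IP failing with many different login names) can be detected from authentication records before deciding which addresses to deny. The following is an added example, not code from any poster or from Cisco; the comma-separated record layout, the sample lines, and the function name `find_spraying_ips` are assumptions constructed for illustration, and applying the resulting list to the firewall is left to the operator.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: timestamp, source IP, username, result.
# This layout is an assumption for the example, not real ACS output.
SAMPLE_LOG = """\
2007-08-09 05:40:01,203.0.113.7,root,FAIL
2007-08-09 05:40:09,203.0.113.7,wireless,FAIL
2007-08-09 05:40:15,203.0.113.7,admin,FAIL
2007-08-09 05:40:22,203.0.113.7,test,FAIL
2007-08-09 05:41:02,198.51.100.20,jsmith,FAIL
2007-08-09 05:41:30,198.51.100.20,jsmith,FAIL
2007-08-09 05:42:05,198.51.100.20,jsmith,PASS
2007-08-09 01:00:00,192.0.2.55,alice,FAIL
2007-08-09 03:00:00,192.0.2.55,bob,FAIL
2007-08-09 05:00:00,192.0.2.55,carol,FAIL
2007-08-09 07:00:00,192.0.2.55,dave,FAIL
"""

def find_spraying_ips(log_text, max_users=3, window=timedelta(minutes=10)):
    """Return {ip: sorted usernames} for source IPs that failed with more
    than max_users distinct usernames inside any sliding time window."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 4 or parts[3] != "FAIL":
            continue  # skip malformed lines and successful logins
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%d %H:%M:%S")
        except ValueError:
            continue  # skip lines with an unparsable timestamp
        failures[parts[1]].append((ts, parts[2]))

    flagged = {}
    for ip, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            users = {user for _, user in events[start:end + 1]}
            if len(users) > max_users:
                flagged[ip] = sorted(users)
                break
    return flagged

if __name__ == "__main__":
    for ip, users in find_spraying_ips(SAMPLE_LOG).items():
        print(f"{ip}: {len(users)} distinct usernames -> candidate for deny rule")
```

Counting distinct usernames rather than raw failures keeps a single user who mistypes a password several times (198.51.100.20 in the sample) off the list.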