password management of an AD integrated VPN

Unanswered Question
Feb 5th, 2009


We have a client-server VPN with a cisco PIX 515 as the server. The authentication is integrated with Active Directory, so the user have an AD account. The problem arises when password in the AD expires and users have to change it, and since the Cisco VPN client won't allow vpn users for a password change they all have to call the Contact Center. Is there a way to allow the vpn clients to change password by themselves? maybe a module or additional software.

If not, which VPN server solution allows me this?

Thanks for your help.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Thu, 02/05/2009 - 15:50

This will depend on your VPN server, Cisco ASA has the feature to allow the vpn client to change the password after it has expired, ASA uses password-management as a command under the tunnel group attributes for this vpn client connection, on thing to be aware is that after this is done you need to make sure that your authentication protocol is changed to mschapv2


This Discussion