Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
603
Views
0
Helpful
1
Replies

asa vpn and ad password expiration without vpn client

andysevenone
Level 1
Level 1

‎02-20-2009 06:30 AM

Hello,

The setup is: vpn on asa using ms ias (ms chap v2 with 'user can change password...' option and empee 128bit as encryption). 'password management' option is set up on asa. Everyting is working fine when we are using vpn client (users can change pin/password after it expires), but the problem is with clientless connection. it works fine, but when password expires users are prompted to change password, but the password is not changed and user cannot connect.

Q1: is it possible to change expired password using clientless connection?

Q2: if so, what could be wrong?

Thanks for help,

Andy

Labels:
0 Helpful
1 Reply 1

rickbennett
Level 1
Level 1

‎02-25-2009 10:19 AM

SOrry for "piggybacking" on of your post, but I have been trying to get this working for a few weeks now. I tried using LDAP to my AD server. The problem with that is that is requires secure LDAP, which I am not ready to venture down that road until I get a better understanding of what implications it will have on my server. To that end, if anyone has managed to get password changes working through an SSL VPN client, I would also appreciate any information on it. Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents