ebreniz Wed, 08/12/2009 - 15:30
User Badges:
  • Silver, 250 points or more

We can prompt users for change of password ahead of time but it requires to use LDAP not Radius


tunnel-group radiustest1 general-attributes

password-management password-expire-in-days 14


http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpngrp.html#wp1166214


So if LDAP is enabled on your AD Server, you can have ASA talk to the AD server directly.


Actions

This Discussion