VPN Group Policy Password

mzoeller32 · ‎09-14-2010

Recently installed ASA 5500. Right now I have just a handful of users using the VPN. However when they connect it asks for their network password, but when their password changes I need to make the change in the firewall first. Is there a setting/configuration so that when they change their network password and they connect via VPN after that change that the Group Policy recognizes their new password so I don't have to go into each user's setup in the ASA and modify their password change?

Federico Coto Fajardo · ‎09-14-2010

Michael,

Is the ASA configured to authenticate the VPN clients against an internal database server?

If this is so, then the ASA asks the internal server for the password to verify the authentication, and if the password has changed, well, there's no problem.

If the ASA is configured for local authentication, then you need to make the changes manually.

Federico.

mzoeller32 · ‎09-14-2010

That's a good question. How do I know if it's configured to authenticate the VPN clients against an internal database server? Like I said I'm not all that familiar with this device, sorry.

Federico Coto Fajardo · ‎09-14-2010

Two options.

Either

sh run group-policy

or

sh run tunnel-group

It will show the authentication being used for the particular VPN group.

Federico.