09-16-2008 11:29 AM - edited 03-10-2019 04:05 PM
We have an ASA 5510 running 7.2(4) and have VPN setup using Cisco secure client. Authentication is done through RADIUS running on a windows 2003 server (IAS).
Our problem is, users aren't being notified that their password is about to expire, and once it does they can no longer authenticate.
I have tried setting "Enable Notification Upon Password Expiration" and "Enable Notification Prior to Expiration", but this is not doing anything.
Please help. This is going to be a huge issue soon, as we just did password expiration policy for SAS70 compliance and passwords are about to start expiring enmasse. Almost all of our users are road warriors.
~rick
Solved! Go to Solution.
09-16-2008 01:09 PM
Rick,
For this to work for clients connecting to an ASA, we'll need to make sure of a few things :
1. That the tunnel-group these clients are connecting to has the following command configured:
password-management
2. The VPN client version 5.0.00 is affected by a bug which fails to prompt the user for
the new password. If you're running this version, I'll suggest an upgrade or downgrade.
Regards,
~JG
Do rate helpful posts
09-16-2008 01:09 PM
Rick,
For this to work for clients connecting to an ASA, we'll need to make sure of a few things :
1. That the tunnel-group these clients are connecting to has the following command configured:
password-management
2. The VPN client version 5.0.00 is affected by a bug which fails to prompt the user for
the new password. If you're running this version, I'll suggest an upgrade or downgrade.
Regards,
~JG
Do rate helpful posts
09-18-2008 09:04 AM
Thanks JG, it was indeed 5.0.00. Tried it with 5.0.03 and worked fine.
~r
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: