Re: Disabling terminated user's vpn access into PIX 515
Doesn't look like you're doing any XAuth (user authentication) here, which is not good. Do your users get prompted for a username and password when they connect, I'll guess not going by your config? If not, then the only way to stop this person from getting in is to change your group password and tell everyone else except this person what the new password is. The line:
> vpngroup VpnGroup1 password ********
is the one you want to change, then everyone has to change their VPN client configuration (not pretty).
For the future, you should upgrade this PIX to 6.3, then you can add local usernames/passwords into the PIX config, and with the command:
> crypto map map_firewall client authentication LOCAL
your users will have to enter a username/password before the VPN will be established. Add usernames in with:
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...