Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Equivalent of "RADIUS with Expiry" on PIX-based VPN?

Having many of the usual problems everyone runs into with Windows password expiration on Cisco VPN client 3.x. I'm using CS-ACS 3.0 integrated into NT domain, and have all of the "MS-CHAP v1" and "MS-CHAP v2" boxes checked on the ACS, but never got it to work. The only place I have gotten it to work is when terminating the VPN client connection onto a VPN-3030, by using "RADIUS with Expiry" instead of generic "RADIUS" for external authentication. Is there a way to build a similar construct for a PIX-based (or worse yet, IOS-based) VPN termination?

Thanks!

Mike

1 REPLY
New Member

Re: Equivalent of "RADIUS with Expiry" on PIX-based VPN?

Hi Mike,

PIX and IOS router at this moment does not support "Radius password expiry" feature yet. This feature will be implemented in their future version release.

At this moment, I am afraid that only VPN 3000 can do it.

Best Regards,

99
Views
0
Helpful
1
Replies