Equivalent of "RADIUS with Expiry" on PIX-based VPN?
Having many of the usual problems everyone runs into with Windows password expiration on Cisco VPN client 3.x. I'm using CS-ACS 3.0 integrated into NT domain, and have all of the "MS-CHAP v1" and "MS-CHAP v2" boxes checked on the ACS, but never got it to work. The only place I have gotten it to work is when terminating the VPN client connection onto a VPN-3030, by using "RADIUS with Expiry" instead of generic "RADIUS" for external authentication. Is there a way to build a similar construct for a PIX-based (or worse yet, IOS-based) VPN termination?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...