Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Multiple attempts to authenticate to ASA VPN

I see multiple attempts to conncet to my VPN server. We have the server setup with group user name and passwords. It then authenticates the user to ACS. I see multiple login names from one ip. Root, wireless, admin, and many many others. How can i add a dynamic rule to block this after so many attempts?

5 REPLIES

Re: Multiple attempts to authenticate to ASA VPN

Hi ,

So we are getting many hits in acs from the same user ? Please increase radius server timeout in the VPN server.

Regards,

~JG

Community Member

Re: Multiple attempts to authenticate to ASA VPN

Same IP, diffrent users. They seem to be using some sort of name generator.

Green

Re: Multiple attempts to authenticate to ASA VPN

They shouldn't be getting that far. Doesn't that mean they have your group username and password or have acquired a .pcf file?

Community Member

Re: Multiple attempts to authenticate to ASA VPN

Yeah exaclty, well we just had some users leave. I was going to change the group name and password. But i also want to be able to deny ips after so many attemps.

Re: Multiple attempts to authenticate to ASA VPN

On

ASA--->VPN--->General--->VPN System option--->enable : Limit the MAX number to active VPN IPSEC

Regards,

~JG

281
Views
0
Helpful
5
Replies
CreatePlease to create content