04-05-2010 08:32 AM
We setup user accounts on the local ASA 5510. Is it possible to setup the user accounts so that the users can change the password after the first login?
Thanks.
Laura
Solved! Go to Solution.
04-05-2010 10:02 AM
Laura,
If the users reside on the local database on the ASA, there are some attributes that you can set, i.e
username TEST attributes
password-storage Enable/disable storage of the login password on the
client system
But what you want is to force the user to have to change its password, as far as I've seen you cannot set such parameter for local users on the ASA.
The way to accomplish this will be using an external authentication source (ACS, Radius server, TACACS+ server, etc.)
Federico.
04-05-2010 09:29 AM
Hi,
You're talking about users that can manage the ASA, users that just pass Firewall connections through the ASA, remote VPN users, ect?
Federico.
04-05-2010 09:55 AM
Thanks for your prompt response, Federico. I am talking about users who manage ASA and remote VPN users. They are using IPSEC VPN client to login to VPN. Please let me know if you need additional information. Thanks.
Laura
04-05-2010 10:02 AM
Laura,
If the users reside on the local database on the ASA, there are some attributes that you can set, i.e
username TEST attributes
password-storage Enable/disable storage of the login password on the
client system
But what you want is to force the user to have to change its password, as far as I've seen you cannot set such parameter for local users on the ASA.
The way to accomplish this will be using an external authentication source (ACS, Radius server, TACACS+ server, etc.)
Federico.
04-05-2010 11:10 AM
Thanks Federico.
Laura
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: