I have a requirement: as per our security standard, all VPN user IDs must change the password during initial logon.
I am using Cisco VPN Client 4.6.0 and 5.0.0, suspending my IPsec VPN on a head-end ASA 5520 device, and authenticating VPN users using ACS 5.3.0. All the VPN users are created internally on ACS 5.3.0. I have turned on password management in the ASA configuration on the tunnel group, and I have enabled MS-CHAPv2 on ACS for password change during initial logon.
I have created an internal user with password change during initial logon and tried connecting to my VPN. Initially it prompts for a password change, after changing the password to the new password.
When I try to connect, I see strange behaviour: the VPN client is not able to connect to the peer, and the VPN client does not respond for a few minutes. What could the problem be? Is there a problem with the VPN client or the ACS configuration?
When I remove this password management from the tunnel group, VPN users are able to connect with any issue, but the concern is that none of them are able to change the password. We do not have ADS on our network; all user IDs are created internally on the ACS server.
Thanks for your response. Sorry, I was on leave and could not respond to you in time. I have given the configuration of my tunnel group. I am using ACS 5.3 as the authentication server; all users are internal users on ACS 5.3.