I have setup my Cisco ASA 5500 for SSL VPN access. After much digging for information, I have managed to setup the authentication for end users to a Microsoft IAS Server which in turns is linked to their active directory account. I have also managed to get password changing through the web interface working, however, I do have a problem. I want to enforce password complexity for the end users when changing their passwords through the SSL VPN, but I am unable to get this working. If anyone has any information on how to get this working, it would be greatly appreciated. Thanks.
Enforcing password complexity takes effect only when the user changes passwords; for example, when you have configured Enforce password change at next login or Password expires in n days. At login, the user receives a prompt to enter a new password, and the system will accept only a complex password.
Yes, this might be true for machines that belong to our organization. However, I have to provide VPN access for external consultants that are working on projects for us, and their machines are not part of our domain. In the group policy, the force password complexity is part of the Computer Configuration, and not the User Configuration. I have tried enabling it, and even testing with one of my own machines, but the password complexity is not enforced.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...