03-25-2003 12:12 AM - edited 03-09-2019 02:38 AM
Hi All
I have noticed that the Xauth authentication password is cached in the VPN client by default.
How can I turn this off?
Login with UID+PW works
Login with UID+"blank" works
Login with UID+"wrongpw" doesn't work
Login with wrong UID+"blank" doesn't work
Xauth is TACACS from a Cisco ACS Server.
Both VPN Client versions 3.5.2C and 3.6.3C have this caching.
Termination point: PIX 515 ver 6.1(4)
/Brgds Stefan
03-25-2003 11:50 AM
Hi,
Please copy-paste the PIX config and debugs (crypto) for your second combination mentioned above.
Looking at the ACS logs would help as well.
The client should not save the XAUTH password by default.
Thx
Afaq
03-26-2003 05:55 AM
Hi Afaq
I have investigated this further, and it seems it's not a VPN client or Pix problem.
The problem resides either in the ACS server or in our LDAP database.
Seems like our ACS Server v2.4 doesn't understand the LDAP return codes on "blank passwords", so the TACACS thinks it gives an acceptable value.
Has anyone familiar with the Cisco ACS Server heard of such a problem?
My first step is to upgrade to ACS 2.6. Any other ideas?
/Brgrds Stefan
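
Added example, not part of the thread and not Cisco ACS code: RFC 4513 (section 5.1.2) defines an LDAP simple bind with a DN and an empty password as an "unauthenticated bind", which a server may answer with success. Assuming the authentication front end treats any successful bind as a valid login (an assumption, not confirmed in the thread), this sketch reproduces the four login results from the first post and shows the empty-password check that closes the gap; the directory contents and all function names are constructed.

```python
import hmac

# Constructed sample directory (uid -> (DN, password)); not data from the thread.
DIRECTORY = {"stefan": ("uid=stefan,ou=people,dc=example,dc=com", "S3cret!")}

LDAP_SUCCESS = 0
LDAP_INVALID_CREDENTIALS = 49
LDAP_UNWILLING_TO_PERFORM = 53

def find_dn(uid):
    """Search step: map a login name to its DN, or None if the user is unknown."""
    entry = DIRECTORY.get(uid)
    return entry[0] if entry else None

def simple_bind(dn, password, allow_unauthenticated=True):
    """Toy LDAP server: simple bind with RFC 4513 unauthenticated-bind semantics."""
    if password == "":
        # DN + empty password: nothing is verified. A permissive server
        # still returns success, leaving the session anonymous.
        return LDAP_SUCCESS if allow_unauthenticated else LDAP_UNWILLING_TO_PERFORM
    for entry_dn, entry_pw in DIRECTORY.values():
        if entry_dn == dn and hmac.compare_digest(entry_pw.encode(), password.encode()):
            return LDAP_SUCCESS
    return LDAP_INVALID_CREDENTIALS

def naive_authenticate(uid, password):
    """Hypothetical front end: any successful bind counts as a valid login."""
    dn = find_dn(uid)
    return dn is not None and simple_bind(dn, password) == LDAP_SUCCESS

def hardened_authenticate(uid, password):
    """Same flow, but an empty password is rejected before any bind is sent."""
    if not password:
        return False
    dn = find_dn(uid)
    return dn is not None and simple_bind(dn, password) == LDAP_SUCCESS

def outcomes(authenticate):
    """Run the four combinations listed in the first post."""
    cases = [("stefan", "S3cret!"), ("stefan", ""), ("stefan", "wrongpw"), ("nobody", "")]
    return [authenticate(uid, pw) for uid, pw in cases]

if __name__ == "__main__":
    print("naive:   ", outcomes(naive_authenticate))
    print("hardened:", outcomes(hardened_authenticate))
```

Rejecting unauthenticated binds on the directory itself (`allow_unauthenticated=False` in this sketch) gives the same result from the server side.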