Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1150
Views
0
Helpful
3
Replies

Password change notification in FDM with ISE

Go to solution
HWAN
Level 1
Level 1

‎08-20-2020 10:00 PM

Hello Teams,

 

I have some questions.

 

Is there pop-up notification system in anyconnect agent before RA-VPN user's password expiration?

Or after expiration?

As to my knowledge, ASA and FTD are possible using password-management command.

But, I'm using FDM anyconnect service with ISE.

Is it also possible?

 

I know ISE is send email notification to user using SMTP also.

But, This solution is need SMTP server, right?

My customer don't have email server.

 

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
HWAN
Level 1
Level 1
In response to HWAN

‎09-02-2020 10:30 PM

Conclusion

>

FDM couldn't password-management command even if we use flex config.

For use this feature, We need to deploy FTD with FMC.

 

Thank you.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎08-21-2020 01:46 AM

Hi,

You can configure password-management in FDM using flexconfig.

**** please remember to rate useful posts
0 Helpful

Go to solution
HWAN
Level 1
Level 1
In response to Mohammed al Baqari

‎08-24-2020 01:36 AM

Thank you for your support.

 

I looked up about flexconfig.

The flexconfig is useful when I use ASA configuration in FDM.

But it doesn't seem to support all commands.

Because of 'Prohibited CLI Commands' in FDM configuration guide.

 

'password-management' command is belong to group-policy command like below.

ex) 

 tunnel-group test_tunnel general-attributes

  address-pool VPN-Pool

  authentication-server-group test_server

  default-group-policy test_group

  password-management password-expire-in-days 30

 

When I see FDM configuration guide, tunnel-group command is in 'Prohibited CLI Commands'(refer below link).

- https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-advanced.html

 

This means that FDM doesn't support password-management commands, right?

 

Thank you.

 

0 Helpful

Go to solution
HWAN
Level 1
Level 1
In response to HWAN

‎09-02-2020 10:30 PM

Conclusion

>

FDM couldn't password-management command even if we use flex config.

For use this feature, We need to deploy FTD with FMC.

 

Thank you.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents