Solved: Password change notification in FDM with ISE

HWAN · ‎08-20-2020

Hello Teams,

I have some questions.

Is there pop-up notification system in anyconnect agent before RA-VPN user's password expiration?

Or after expiration?

As to my knowledge, ASA and FTD are possible using password-management command.

But, I'm using FDM anyconnect service with ISE.

Is it also possible?

I know ISE is send email notification to user using SMTP also.

But, This solution is need SMTP server, right?

My customer don't have email server.

Thank you.

HWAN · ‎09-02-2020

Conclusion

>

FDM couldn't password-management command even if we use flex config.

For use this feature, We need to deploy FTD with FMC.

Thank you.

Mohammed al Baqari · ‎08-21-2020

Hi,

You can configure password-management in FDM using flexconfig.

**** please remember to rate useful posts

HWAN · ‎08-24-2020

Thank you for your support.

I looked up about flexconfig.

The flexconfig is useful when I use ASA configuration in FDM.

But it doesn't seem to support all commands.

Because of 'Prohibited CLI Commands' in FDM configuration guide.

'password-management' command is belong to group-policy command like below.

ex)

tunnel-group test_tunnel general-attributes

address-pool VPN-Pool

authentication-server-group test_server

default-group-policy test_group

password-management password-expire-in-days 30

When I see FDM configuration guide, tunnel-group command is in 'Prohibited CLI Commands'(refer below link).

This means that FDM doesn't support password-management commands, right?

Thank you.

HWAN · ‎09-02-2020

Conclusion

>

FDM couldn't password-management command even if we use flex config.

For use this feature, We need to deploy FTD with FMC.

Thank you.