Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
667
Views
0
Helpful
1
Replies

RADIUS with Expiry Using MS IAS on ASA5520

Paul Jose
Level 1
Level 1

‎01-21-2010 04:26 PM

I currently have a Cisco VPN 3000 configured to Authenticate Windows Active Directory users. When these users' password is about to expire, it prompts them to change it.  I cant seem to find the configuration to mimic this on the ASA5520.  I need to have 64BIT OS support on the ASA otherwise I would have stuck with the VPN3000 as it's doing it's job quite well.Does anyone know how to configure the same feature on the ASA5520?

Thanks in advance.

Labels:
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎01-27-2010 09:46 AM

Paul,

The support for password expiration on the ASA with radius is defined with the command "password management" under the tunnel group where the client connects, as well you need to enable mschap v2 as the authenticating protocol under the ppp settings for tha tunnel group and you need to make sure tha the radius is configured for mschapv2 too. See the following link:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/p.html#wp1879916

As for 64bit support, the remote access that supports this OS platform is Anyconnect see the following link too:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/svc.html

hth

Ivan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents