09-14-2010 09:04 AM
Recently installed ASA 5500. Right now I have just a handful of users using the VPN. However when they connect it asks for their network password, but when their password changes I need to make the change in the firewall first. Is there a setting/configuration so that when they change their network password and they connect via VPN after that change that the Group Policy recognizes their new password so I don't have to go into each user's setup in the ASA and modify their password change?
09-14-2010 09:08 AM
Michael,
Is the ASA configured to authenticate the VPN clients against an internal database server?
If this is so, then the ASA asks the internal server for the password to verify the authentication, and if the password has changed, well, there's no problem.
If the ASA is configured for local authentication, then you need to make the changes manually.
Federico.
09-14-2010 09:27 AM
That's a good question. How do I know if it's configured to authenticate the VPN clients against an internal database server? Like I said I'm not all that familiar with this device, sorry.
09-14-2010 09:31 AM
Two options.
Either
sh run group-policy
or
sh run tunnel-group
It will show the authentication being used for the particular VPN group.
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide