Solved

Is it possible to set changing VPN passwords with Cisco ASA?

Posted on 2008-06-19
3
454 Views
Last Modified: 2012-05-05
Our remote workers use VPN to access the office, we set them up with a username and password on our Cisco ASA 5520.  Which they then use to connect via the Cisco VPN client.

At the moment the VPN account has a password that never changes.  Is there a way to force changes to the password after a set expiration period ?  

OR ... another proposed idea .. is there anyway we could implement a random password generator and matching key fob password generator to users that they have to use to look at the current (often changing) password to get in ?

Any help is most appreciated.
0
Comment
Question by:stemc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 250 total points
ID: 21820873
>> Is there a way to force changes to the password after a set expiration period ?

Depends on how the username and password is being presented - are they stored on local database (in the ASA), Via RADIUS (Windows IAS), or Via TACACS+?

If they are stored on the ASA then No - if thay are stored in IAS or TACACS+ then yes :)
0
 

Author Closing Comment

by:stemc
ID: 31468699
Thanks Pete, they are stored on the ASA only.  I'll have a read up on the other methods you metion,

regards

Ste
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 21836815
No Problem - if you want to go RADIUS/IAS theres a piece on my website :)
 http://www.petenetlive.com/Tech/Firewalls/Cisco/c2svpnRADIUS.htm
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Part One of the two-part Q&A series with MalwareTech.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses
Course of the Month5 days, 11 hours left to enroll

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question