• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 904
  • Last Modified:

Extra field in the login window of VPN Client

We got ASA 5510, configured to accept VPN connections (with Cisco Vpn Client).
I used to get the login window with 2 fields (UserName and Password).
Now I'm getting 3 fields (Username,Password,Domain).Check the attached snapshot.
The ASA is configured to check with Radius (Microsoft IAS).
How to get rid of the Domain Field, as for some users it's confusing, and we get many calls regarding this.
  • 2
1 Solution

In the tunnel-group configuration you will have either "pasword-management" or "radius-with-expiry" command. This command is used to enabled use of ms-chap-v2 instead of PAP with IPSEC to facilitate password change on expiry.

Enabling this also adds the domain prompt on the client.

Removing this command will remove the domain prompt on the client.
khamees79Author Commented:
khamees79Author Commented:
Perfect, Thank you
I enabled this 2 days ago, thuoght that it will be good for the users with expired passwords.
even though I tested it with a user who MUST CHANGE PAAS NEXT LOGON. but it did not work.
at least it as I like it now.thnx again
Hi All,

 I need to enable ti now. i tried to enable it but i'm not getting the domain option. I need to setup radius with expiry.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now