Extra field in the login window of VPN Client

Posted on 2008-11-05
Last Modified: 2011-10-19
We got ASA 5510, configured to accept VPN connections (with Cisco Vpn Client).
I used to get the login window with 2 fields (UserName and Password).
Now I'm getting 3 fields (Username,Password,Domain).Check the attached snapshot.
The ASA is configured to check with Radius (Microsoft IAS).
How to get rid of the Domain Field, as for some users it's confusing, and we get many calls regarding this.
Question by:khamees79
    LVL 2

    Accepted Solution


    In the tunnel-group configuration you will have either "pasword-management" or "radius-with-expiry" command. This command is used to enabled use of ms-chap-v2 instead of PAP with IPSEC to facilitate password change on expiry.

    Enabling this also adds the domain prompt on the client.

    Removing this command will remove the domain prompt on the client.
    LVL 1

    Author Closing Comment

    LVL 1

    Author Comment

    Perfect, Thank you
    I enabled this 2 days ago, thuoght that it will be good for the users with expired passwords.
    even though I tested it with a user who MUST CHANGE PAAS NEXT LOGON. but it did not work.
    at least it as I like it now.thnx again

    Expert Comment

    Hi All,

     I need to enable ti now. i tried to enable it but i'm not getting the domain option. I need to setup radius with expiry.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
    Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now