How to set a temp vpn password on ASA 5510

When creating VPN users on ASA 5510 how can I set up a temporary password that must be changed the first time a user logs in to VPN.  For example... I set up a user lets call him user ABC and assign a password. When user ABC logs in to VPN for the first time I want that user to have a prompt to change his password.  Is this possible?  please advise... Thanks!
LVL 1
alizarraga1Asked:
Who is Participating?
 
gavvingConnect With a Mentor Commented:
Actually with 8.0 and greater code on the ASA it's supposed to be possible.  You have to configure LDAP over SSL as the authentication method as well.  Refer to: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/vpngrp.html#wp1166346

Look for section:  Configuring Microsoft Active  Directory Settings for Password Management
0
 
alexfooConnect With a Mentor Commented:
It is not possible to do this. The vpn client cannot change the password in the ASA in any way.
0
 
eSouthConnect With a Mentor Commented:
If you want to make sure the end user "feels" secure with his password, one thing you can do is set up authentication to use RADIUS to authenticate back to a AD or LDAP password that the user knows is already "secret." The down side to this is you have no way of verifying the connection before you advise the end user that the setup is complete.
0
 
alizarraga1Author Commented:
Thanks for the help.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.