• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 851
  • Last Modified:

windows passwords in cisco clientless ssl vpn

when trying to authenticate with windows servers from within the cisco clientless ssl vpn users with symbols in their passwords rcv errors such as server not found or dns error.
if i change the password to not include a symbol authentication works no problem.
is there a protocol i am missing somewhere that needs to be added, or something else i may have missed?
0
-pH
Asked:
-pH
  • 2
  • 2
1 Solution
 
MikeKaneCommented:
Don't think so.   Cisco has had bugs in Anyconnect where certain special characters would break authorization.   I, myself, had to look at this issue and found that in a previous version, if the end user had a ^ in the password, the auth would fail.    

What version of ASA code are you on?  

0
 
-pHAuthor Commented:
it is weird, punctuation works, but some symbols do not.
we are on 8.0(3)
0
 
lrmooreCommented:
How are you passing the authentication? By Radius or LDAP?
If using Radius, what encrypt methods? PAP, CHAP, MS-CHAP, MS-CHAPv2?
0
 
-pHAuthor Commented:
i am authenticating from within the portal directly to a cifs on a windows server so i just assumed it would be kerberos.
0
 
MikeKaneCommented:
I checked caveats on a few versions for you...  

You might want to upgrade the code from 8.0.3 to something more recent

These were fixed in 8.0.4 (http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/arn804n.html#wp307350)

CSCsm10353  AnyConnect password that contains brackets <> will fail authentication
CSCso91051   WebVPN: Broken logic with Passcode caption in the portal


Ver 8.3 and newer implements a change in how NAT is handled but would support older configs.  

0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now