
PLEASE HELP ME !!!!!!!


amarchi (IS-IT--Management) Jul 5, 2002

I have a PIX (firewall and VPN) installed and a RADIUS server for authentication (win2000srv).
Everything is working well, but I HAVE A BIG problem:
I enabled the password policy to expire after 60 days. As a result, on day 61 the user can't access our LAN, and there is no prompt about "please change your password", just access denied (the event log shows "access denied the user must change the password").
If I go to the RADIUS server and try to log in to the server (stand-alone) with the user's userID, the policy works and asks me: "change the password".
We use the Cisco VPN client.
Do you know if there is a way to prompt our users "Please change your password" using the VPN client from Cisco?
Otherwise I have to change the password for all my users that use our VPN.

Thanks in advance for your help
MZ
 
This is probably an obvious solution but it should solve your problem until you come across a better option.

You could disable the need to change passwords and require strong passwords.
 
isguyatlanta (MIS) Sep 28, 2002
What about a password that can be used with radius only and never expires?

How do I do it?
 
Perhaps you could create a new group for the VPN users & assign a new group policy to them. You could disable password expiration in that policy.

Warning: I have not had to do this, so I offer no guarantees that it will work, but it seems a solution worth trying.
 
Do you know if there is a way to prompt our users "Please change your password" using the VPN client from Cisco?

I think your problem might be that you already are. We have a Cisco VPN that we changed last year to authenticate through the domain. Summer help first installed it incorrectly, so we authenticated through the VPN. Once we realized that it was going to be a viable thing for the users, we got to looking at it closer and didn't like the way the security was set. We wanted authentication through the domain. We now logon using a password for the router, then we get a prompt to put in our password to log onto the domain. This way, if someone gets in through the VPN, they have to have a valid account on the domain to get in. If you were set up this way, your problem would probably go away. Just a thought. Good luck.
Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com
"What is harder than rock, or softer than water? Yet soft water hollows out hard rock. Persevere."
Ovid(43BC-17AD); Roman poet.

 
We now logon using a password for the router, then we get a prompt to put in our password to log onto the domain.


Sorry, I meant vpn, not router.
Glen A. Johnson

 