Options

VPN with user password control

nice343nice343 Member Posts: 391
in Off-Topic
I configured my home cisco router (3745) as an IPSEC/VPN server. Everything works fine but I want to play around with it some more. Right now before a user can authenticate to my vpn server they have to have a username and password created in the routers local database by me. How do I configure the password so that a user can can change it the first time they connect to the server

A user cannot change their password when they connect to the server.

By the way I am using cisco VPN client for authentication.
My daily blog about IT and tech stuff
http://techintuition.com/
· Share on FacebookShare on Twitter

Comments

  • Options
    AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    You can't (afaik) unless you grant them login rights to the router itself and let them telnet/ssh/whatever and do it manually after they are connected. The alternative is to use a separate authentication server, Radius being the most popular protocol. Windows Server 2003 includes Radius in the IAS service so you can authenticate against domain credentials and as long as that is the account they are logged in with locally on the client they can do a change-password within Windows, again they won't be prompted on first log in though. 3rd party Authentication applications may include options to do what you need but I've never used anything beyond IAS.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
    · Share on FacebookShare on Twitter
  • Options
    seuss_ssuesseuss_ssues Member Posts: 629
    I dont know if you can or not with that device, but the first thing that comes to mind is ldap.

    We have our vpn setup to query the 2003 server via ldap to authenticate. The user can then change their windows password which will in affect change their vpn password.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.