[vpn-help] RADIUS with Expiry Support
Matthew Grooms
mgrooms at shrew.net
Tue Feb 9 00:28:03 CST 2010
On 1/31/2010 4:32 PM, Michael-Curran (Canberra) wrote:
> Dear vpn-help community,
> I’m currently assessing the ShrewSoft VPN client as a replacement for
> the Cisco IPSec VPN client on 64-bit Windows. I’m connecting to a Cisco
> VPN 3000 concentrator from a Windows 7 x64 host. In our current
> configuration we’re using extended authentication (PSK + XAuth) with
> RADIUS validating the “Xauth” part.
> I can connect and authenticate fine with this configuration using the
> ShrewSoft client, however my problem arises when the users’ password
> expires. Using the Cisco or NCP clients I get challenged to change my
> expired password as part of the XAuth process. Using the ShrewSoft
> client I simply get an authentication failure, and the server tells me
> that the password change attempt was deferred.
> Does anyone know if it is possible for the ShrewSoft client to perform
> an interactive password change for an expired password when using PSK +
> XAuth?
Michael,
The Shrew Soft client doesn't support this at the moment. The Xauth user
input occurs before the client connects and there is currently no
mechanism to request further input. We plan to fix this in a future release.
-Matthew
More information about the vpn-help
mailing list