topic Re: Endpoint Security in Spark Firewall (SMB)

Endpoint Security

GaryJ — Mon, 03 May 2021 08:36:48 GMT

Hello,

My organisation is using Endpoint Security as to create C2S VPN.

The users are connecting with internal Firewall user accounts on the 1570 Security Gateway.

My question is :

How can a user change their password once a VPN session has been established? I cannot see an easy way to do it.

_Val_ — Mon, 03 May 2021 08:54:19 GMT

What is your use case?

GaryJ — Mon, 03 May 2021 09:21:44 GMT

Hello,

We have a 1570 Security Appliance as the Firewall R80.20.20 (992001869)

Users are using Endpoint Security Client version VPN E84.60

Users create C2S VPN tunnels to the Firewall and login using internal user accounts only (user/password).

> There is no backend AD, LDAP or Radius authentication.

User would like to create VPN session and then change password manually, or have a forced password change upon initial login.

There appears to be no obvious way to do this.

Can this be done, or what alternatives are there ?

_Val_ — Mon, 03 May 2021 11:27:19 GMT

If you are using a locally managed appliance, the answer is "No", and the alternatives would be to use an external auth server.

GaryJ — Tue, 04 May 2021 07:32:35 GMT

Thanks for the reply, so there is no way an end user is able to change their local account password on a firewall ?

_Val_ — Tue, 04 May 2021 09:23:13 GMT

No, unless you give that user admin rights, which is not the best scenario. Using external authentication is the way to do that.