cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

How do you prevent user accounts from being locked when using Remote Access VPN?

When you put in place remote access (VPN) and you validate the username/password against an internal directory (like Active Directory), how do you prevent a malicious user from locking user accounts from the outside?

If a malicious user tries different passwords for a username either on the SSL VPN webpage or by using the endpoint VPN client, eventually the account will be locked/disabled in the internal directory.

We can then imagine someone doing a DoS attack for all the users in the organization.

Thanks!

P.S. I'm interested in a solution for a setup running R80.10

3 Replies

Re: How do you prevent user accounts from being locked when using Remote Access VPN?

You have experienced that live, did test the issue in lab or is this just a theoretical question ?

0 Kudos

Re: How do you prevent user accounts from being locked when using Remote Access VPN?

All of the above.

Why do you ask?

0 Kudos

Re: How do you prevent user accounts from being locked when using Remote Access VPN?

Hi,

        Could you please provide solution of  sk92383 to study.  I don't have advanced access.

Remote Access clients can connect to VPN Gateway only once 

Regards

Rajendra

0 Kudos