Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Louis_Poulin
Collaborator

How do you prevent user accounts from being locked when using Remote Access VPN?

When you put in place remote access (VPN) and you validate the username/password against an internal directory (like Active Directory), how do you prevent a malicious user from locking user accounts from the outside?

If a malicious user tries different passwords for a username either on the SSL VPN webpage or by using the endpoint VPN client, eventually the account will be locked/disabled in the internal directory.

We can then imagine someone doing a DoS attack for all the users in the organization.

Thanks!

P.S. I'm interested in a solution for a setup running R80.10

3 Replies
G_W_Albrecht
Legend
Legend

You have experienced that live, did test the issue in lab or is this just a theoretical question ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
Louis_Poulin
Collaborator

All of the above.

Why do you ask?

0 Kudos
rajendra_bandil
Explorer

Hi,

        Could you please provide solution of  sk92383 to study.  I don't have advanced access.

Remote Access clients can connect to VPN Gateway only once 

Regards

Rajendra

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events