Re: How do you prevent user accounts from being lo...

Louis_Poulin · ‎2018-02-07

When you put in place remote access (VPN) and you validate the username/password against an internal directory (like Active Directory), how do you prevent a malicious user from locking user accounts from the outside?

If a malicious user tries different passwords for a username either on the SSL VPN webpage or by using the endpoint VPN client, eventually the account will be locked/disabled in the internal directory.

We can then imagine someone doing a DoS attack for all the users in the organization.

Thanks!

P.S. I'm interested in a solution for a setup running R80.10

G_W_Albrecht · ‎2018-02-09

You have experienced that live, did test the issue in lab or is this just a theoretical question ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Louis_Poulin · ‎2018-02-09

All of the above.

Why do you ask?

rajendra_bandil · ‎2018-02-18

Hi,

Could you please provide solution of sk92383 to study. I don't have advanced access.

Remote Access clients can connect to VPN Gateway only once

Regards

Rajendra

Are you a member of CheckMates?

How do you prevent user accounts from being locked when using Remote Access VPN?