- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Endpoint Security
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Endpoint Security
Hello,
My organisation is using Endpoint Security as to create C2S VPN.
The users are connecting with internal Firewall user accounts on the 1570 Security Gateway.
My question is :
How can a user change their password once a VPN session has been established? I cannot see an easy way to do it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is your use case?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We have a 1570 Security Appliance as the Firewall R80.20.20 (992001869)
Users are using Endpoint Security Client version VPN E84.60
Users create C2S VPN tunnels to the Firewall and login using internal user accounts only (user/password).
> There is no backend AD, LDAP or Radius authentication.
User would like to create VPN session and then change password manually, or have a forced password change upon initial login.
There appears to be no obvious way to do this.
Can this be done, or what alternatives are there ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you are using a locally managed appliance, the answer is "No", and the alternatives would be to use an external auth server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the reply, so there is no way an end user is able to change their local account password on a firewall ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No, unless you give that user admin rights, which is not the best scenario. Using external authentication is the way to do that.