Cisco AnyConnect – Allow Domain Password Change via LDAP
KB ID 0001273 Problem If you have remote users who connect via VPN, and a policy that forces them to change their password periodically, this can result in them getting locked out without the ability to change their password (externally). If your Cisco ASA is using LDAP to authenticate your users, then you can use your remote AnyConnect VPN solution to let them reset their passwords remotely. Solution Standard LDAP runs over TCP...
AnyConnect – ‘Your environment does not meet the criteria’
KB ID 0001232 Problem For an existing client, I was setting up a new user. I connected their laptop though my mobile phone and attempted to connect. This is the error I got. Cisco AnyConnect Logon denied: Your environment does not meet the access criteria defined by your administrator. Solution A cursory glance over the firewall config didn’t yield anything in their AAA settings that was odd, they were simply using LDAP for...
Cisco – Testing AAA Authentication (Cisco ASA and IOS)
KB ID 0001175 Problem I always forget the syntax for this, and I’ve been meaning to publish this for a while so here you go. If you have AAA setup and people can’t log in, then the ability to test authentication against a user’s username and password is a good troubleshooting step! Usually I’m on a Cisco ASA but I’ll tag on the syntax for IOS as well. Solution Cisco ASA Test AAA Authentication From...
Cisco ASA – AnyConnect Authentication via LDAP and Domain User Groups
KB ID 0001152 Problem When I first started doing Cisco remote VPNs, we had Server 2000/2003 and I used to use RADIUS with IAS. Then Microsoft brought out 2008/2012 and RADIUS via NAP. Because I fear and loath change I swapped to using Kerberos VPN Authentication for a while. I had to put in an ASA5512-X this weekend and the client wanted to allow AnyConnect to a particular Domain Security Group “VPN-Users”, so I thought I...
Is Virtual Center 4.1 Supported on Windows Server 2008 R2?
KB ID 0000379 Problem ES! it is, if in doubt see the compatibility matrix. But you have tried to install it and seen an error? Error: This product can only be installed on the following 64-bit operating systems: Windows XP SP2 or above Windows Server 2003 Windows Server 2008 Solution Essentially this just a bad error message that bears no resemblance the the actual problem! The REAL REASON you are seeing this error is because you re...