[c-nsp] VPN3000 intermittent GUI login problem & hardening -2nd pose

nevot r.nevot at gmail.com
Sat Jul 30 11:39:44 EDT 2005


As far as I know, VPN3k does not run IOS-like software so no 'service
password encryption' and such commands are valid.
regards

2005/7/30, Cis Ckp <cisckp8 at yahoo.com.sg>:
> Hi
> 
> Just to add :
> I've just checked a while ago & looks like this problem
> of "invalid login" at the http GUI login is still there - so
> looks like it may need a reboot.
> 
> I've attached the savelogs here - apologies if this is not
> appropriate.
> 
> Thanks
> Ckp
> 
> Cis Ckp <cisckp8 at yahoo.com.sg> wrote:
> Hi,
> 
> I recently took over the support of one VPN 3000 & was tasked to
> harden it like :
> - use TACACS for login authentication
> - insert login banner
> - recovery password with "service password-encryption"
> 
> I'm not sure if all these requests from our security can be
> supported on VPN3000 - can someone give input & provide
> a url to harden it?
> 
> 
> Secondly, I kept getting intermittent login problem (which
> sometimes go away by itself & I heard from my predecessor
> that sometimes it needs reboot). The message is :
> 
> Invalid Login or Session Timeout
> VPN 3000 Concentrator
> Login: admin
> Password: xxxxxxxxxx
> 
> Copyright ⌐ 1998-2004 Cisco Systems, Inc.
> 
> I found that when this problem happens, the VPN clients
> can still login while I can still login thru the console, only
> the http/https web interface (via public interface) gave the
> above login error. We thought it's a bug with the VPN
> software so we upgraded using vpn3000-4.1.7.F-k9.bin
> image (was 4.0.1x-k9 previously but this problem
> still persists; cant remember what's "x")
> 
> If you need the savelog, I can email it to you but I cant
> seem to find anything. As I'm new to this, I still havent
> track down to which syslog server this box logs to.
> 
> 
> Thanks for any help
> 
> 
> 
> 
> Send instant messages to your online friends http://asia.messenger.yahoo.com
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> 
> ---------------------------------
> Meet your soulmate!
>  Yahoo! Asia presents Meetic - where millions of singles gather
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
>



More information about the cisco-nsp mailing list