On 02/16/2014 05:35 PM, Kevin Cernekee wrote: > On Sun, Feb 16, 2014 at 7:32 AM, Nikos Mavrogiannopoulos > <nmav at gnutls.org> wrote: >> On 02/16/2014 10:25 AM, Steve wrote: >>> AnyConnect iOS client, input wrong password when connect will lead to >>> "unexpected error" after a long time(5-8s) other than reprompt user >>> credential input. >> What is the expected error to be sent from anyconnect servers when a >> wrong password is sent? > On ocserv I see a "503 Service Unavailable" response and the client gives up. > On nearly all ASAs I see a "200 OK" HTTP response and a "Login failed" > message. Like a login form on a website. It seems it was easier to fix than I though. I've now handled the same way as PAM. The plain module allows for a number of failed attempts before bailing out. regards, Nikos
