How is everyone handling the fact that the SSLVPN/CudaLaunch on the F series can't handle expired passwords? We've always been using the old Barracuda SSL VPN but we're starting to be denied renewal for the SSL VPN. It meets all of our needs so we hate to see it go.
We've been pushed toward CudaLaunch, but it doesn't support expired AD passwords at all from what I can tell. I've even called support about it but it just isn't something they plan to have apparently. We have a ton of remote workers that never come on site so they can never change their password except through our remote access. We could set them a password that never expires, but that will make us fail most all of our outside security audits. It also lacks any 'easy' 2 factor authentication (security questions, as lame as they are, count as MFA for audits). Sure we could setup people with google authentication but some remote users are desperately tech-illiterate and could never be taught how to do this, much less expecting them to remember how it works for more than a few days.
Is there any fix at all for this or are we going to have to look to a different vendor/solution?
How is everyone already using it handle it?