Why is it still not working? I’ve followed all the steps!!! Not one single user has Winter2019 as a password?

Stale Accounts

Maybe you have credentials but they can not do anything on the external VPN. You can spray a legacy endpoint, but if the user has no access to any external services the account might be close to worthless

2. Username/Endpoint Incorrect

Check your usernames — is the format correct? Are you sure you have the right format, the correct UPN and AD Domain? Are you targeting the right endpoint? The right VPN group or realm ?

3. Complex Passwords Enforced

It is possible, though highly statistically unlikely that proper password polices are unilaterally enforced and March2019 and P@ssw0rd can’t be used. This rarely extends to all Internet facing endpoints. Sometimes you just can’t spray with basic passwords and win.

4. MFA (Multi-Factor Authentication) Implemented

You have credentials now, but web mail is using MFA? OKTA? Duo? All legacy protocols might be no longer in use. You may need more than working credentials to log into the VPN.

Is WiFi in scope? Remember you have a working domain user and password which may work on a WPA2-EAP MSCHAPv2, credential only based wireless network.

Can you use those credentials to leverage any more of a foothold somewhere else on the network that’s not on the Internet?. Sometimes the answer might be no, it’s not in scope or it’s simply not possible with a username and password.