VPN 3015 and Active Directory - Password expiry notices.

Unanswered Question
Aug 28th, 2007

I have a 3015 concentrator which supports a host of IPSEC users that I pass authentication to Active Directory (via Radius) in order to grant access. Works dandy, except when someone's password is about to expire. You get the 'your password will expire in 10 days' message when you login on the network, but not over VPN. I think I've asked before, and I know I've tried the 'radius with password expiry' setup, but I've never been able to make this work. Anyone have a success story in this area?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Wed, 08/29/2007 - 15:42


This is a current design limitation with RADIUS with expiry on the concentrator. The only time that the concentrator will prompt for password change is at the time that the password expires.

It is possible with ASA.



Please rate helpful posts


This Discussion