We're using ACS 4.2 for AAA for all of our Cisco devices. The ACS server uses our RSA SecurID server and it works great. Except when the token goes into next tokencode mode. Instead of being prompted for the next tokencode after a successful auth, it prompts for a password change.
Other devices using the SecurID server aren't having this problem, so I'm sure it has to do with the ACS. Had anyone else seen this sort of thing before?
Here's our setup:
ACS 4.2(0) Build 124 Patch 7
RSA Appliance 2.0.2 Auth Manager 6.1.2 (142)