The setup is a VPN Client 5.0 connecting using a VPN Concentrator 3015 (Using RADIUS with password expiry). ACS is setup using a External DB (Windows2k3 DC) with MC-CHAPv1/v2 password changes enabled.
Everything is working. However, when user password is expired the client does not prompt for password change.
ACS can see the failed attemps as 'Authen-Failure-Code - Windows user must change password'. Without the prompt however, the user cannot change his/her password.
Any feedback is welcome. Thanks.