Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Password expiration prompt VPN via RADIUS

We have an ASA 5510 running 7.2(4) and have VPN setup using Cisco secure client. Authentication is done through RADIUS running on a windows 2003 server (IAS).

Our problem is, users aren't being notified that their password is about to expire, and once it does they can no longer authenticate.

I have tried setting "Enable Notification Upon Password Expiration" and "Enable Notification Prior to Expiration", but this is not doing anything.

Please help. This is going to be a huge issue soon, as we just did password expiration policy for SAS70 compliance and passwords are about to start expiring enmasse. Almost all of our users are road warriors.

~rick

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Password expiration prompt VPN via RADIUS

Rick,

For this to work for clients connecting to an ASA, we'll need to make sure of a few things :

1. That the tunnel-group these clients are connecting to has the following command configured:

password-management

2. The VPN client version 5.0.00 is affected by a bug which fails to prompt the user for

the new password. If you're running this version, I'll suggest an upgrade or downgrade.

Regards,

~JG

Do rate helpful posts

2 REPLIES

Re: Password expiration prompt VPN via RADIUS

Rick,

For this to work for clients connecting to an ASA, we'll need to make sure of a few things :

1. That the tunnel-group these clients are connecting to has the following command configured:

password-management

2. The VPN client version 5.0.00 is affected by a bug which fails to prompt the user for

the new password. If you're running this version, I'll suggest an upgrade or downgrade.

Regards,

~JG

Do rate helpful posts

Community Member

Re: Password expiration prompt VPN via RADIUS

Thanks JG, it was indeed 5.0.00. Tried it with 5.0.03 and worked fine.

~r

367
Views
0
Helpful
2
Replies
CreatePlease to create content