Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

vpn client radius ad password change

Hi

I've read a few posts about this on the forum and it seems like very few people are able to resolve the issues they are having.

I have a working remote access vpn and I'm trying to add the password-expiry functionality.  I've set a test user in AD to "change password at next logon" and when I logon using this user in the vpn client (5.0.07.0410) I am prompted for a box to type my new password twice.  This is never written back to the server and the original authentication box pops up again.  The password change box has the codes E=648, R=0, V=3 as in the attached image.

Does anyone have this working with radius and AD?  A windows password change would normally request the old password to reauthenticate and then the new password twice.

Thanks

Cammy

Everyone's tags (5)
1 REPLY

vpn client radius ad password change

Cammy,

Are you using radius to authenticate the vpn session or are you using ldap which is pointing to AD for authentication? This will work with radius since you can use mschap v2, however i want to be sure how you have your ASA setup first.

Thanks,

Tarik Admani

Tarik Admani *Please rate helpful posts*
1223
Views
0
Helpful
1
Replies