Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Bronze

2003 Microsoft IAS Radius with AAA configs

Radius AAA works great until I have to change my windows password

(ie every 180 days). After changing password, I cannot access routers or switches.

The workaround is to reset my password back to the original password.

How do I get around this?

3 REPLIES
Bronze

Re: 2003 Microsoft IAS Radius with AAA configs

Send the following information from your IAS server to proceed for further troubleshooting.

1. Are you using any 802.1x/EAP authentication?

2. Send me the router/switch configurations relevant to AAA

3. Capture debug aaa authentication on your router/switch and send me the entire debug output captured. Based on that only, I can understand what is actually happening during the failed authentication.

Bronze

Re: 2003 Microsoft IAS Radius with AAA configs

Hi - here it is and not using 802.1x/EAP. Thx

Re: 2003 Microsoft IAS Radius with AAA configs

Hi,

If you are using telnet then that is not supported as telnet uses PAP and password expiry is not supported by PAP (we need mschapv2)

.RADIUS-based Windows Password Aging-Users must be in the Windows user database and be using a RADIUS client/supplicant that supports changing passwords by using Microsoft-Challenge Authentication Handshake Protocol (MS-CHAP).

You can use this to change your password,

http://www.greyware.com/software/domainpassword/

Hope that helps

Regards,

~JG

166
Views
0
Helpful
3
Replies
CreatePlease to create content