05-23-2019 04:37 PM
OK, been working on this a while and I'm down to just a few more items.
I am using a 5510 as a VPN server for multiple clients.
I can connect into my network BUT,
If I set the user account on ISE to force a password change, the login process is not working.
The user doesn't get any indication to change their password. When I look up the transaction in the RADIUS log I get 5400 Authentication failed with reason 24203 User need to change password.
What am I doing wrong.
I also tried this using RADTEST from ACS and I get the same thing. No indication or message to change password.
Thanks
Joe
05-30-2019 07:46 AM
Hi Joe,
Check on the Tunnel Group whether the command password-management is present.
Refer: Password Change on 1st Login for Locally Created User
05-30-2019 09:10 AM
Yep, I found that a few days ago and that was the reason.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide