Hello.
I'm curious about something. I'm going to apply radius authentication using windows NPS, due to the easiness of password policy. The authentication works perfectly, but i got something in mind.
I configured aaa authentication fallback to local at the cisco devices when the radius server is unreachable. But i have a policy that the users have to change the password every 3 months. So when the user expires, we can't ssh to the devices. How can we make it fallback to local authentication, when the radius is reachable? because what i understand is that the authentication will fallback to local only when the radius server is unreachable.
Thank you.
Regards,
Ivan