Solved: Enabling Forgot password reset option prior to windows login over wifi with Cisco any connect

farhan.bhatti1 · ‎11-20-2018

We are using dot1x over wired and wireless network and its working fine. we are doing POC of software, which gives an option for machine user to reset the password prior to logon to machine itself. Usually, in case of account lock, user need to call help desk to activate his account. With new software , new button will appear during windows login page and user can click on button, which will ask security question and then proceed to reset the password.

POC is working fine with wired user, where we have allowed machine communication to POC server and user is able to reset the password.

Problem start, when user tries to reset the password over wifi. As user connect to wifi after login, therefore there is no wifi connectivity with corporate ssid or no ip address prior to login. We are using Cisco anyconnect.

I need to know, is there any effective way of authentication except machine based authentication to connect wifi prior to windows login.

pan · ‎11-21-2018

Machine authentication is best way and is more secure.

Other less secure option which you can try is use guest authentication type concept, means allow anybody to authenticate based on MAB on a particular SSID but give them limited access to network.

View solution in original post

pan · ‎11-21-2018

Machine authentication is best way and is more secure.

Other less secure option which you can try is use guest authentication type concept, means allow anybody to authenticate based on MAB on a particular SSID but give them limited access to network.