This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
i use cisco router (in edge)for remote access vpn server for windows clients (users connect from internet ) and router
use aaa server (CISCO ISE 2.4) for authentication users .
my problem :
how remote access vpn users (L2TP Over IPSEC) can change password after connect ?
can i use cisco ise Guest Portal for this problem ? if yes , how ?
@hamidreza.taghipur You can create a MyDevices portal, they can change the password once logged into the portal. This will change their internal ISE password used for the VPN.
Thanks for reply ,
I create device portal the same sample
But users after connect vpn , can not open portal url (https://ise ip:8443) and just show certificate error page , should i create authorize rule for this ?
When you say certificate error, is it just that the users don't trust the certificate in use on that portal? If they just acknowledge the certificate error, they should be able to continnue and the portal will be presented. If you don't want this error you could use a certificate signed by a public CA.
Provide a screenshot if that is not the case.
my purpose in certificate error was " this is blank page with certificate error "
And i have not login change password page
So you created a mydevices portal using the example you provided?
Did you configure it to listen on port 8443 as you specified?
Provide screenshots of your mydevices portal configure and the error you get.
Under the portal configuration, click the portal test URL - use that url. Alternatively define an FQDN under the configuration, you'll need a DNS entry on your internal DNS server.