12-06-2020 12:39 AM
Hi
i use cisco router (in edge)for remote access vpn server for windows clients (users connect from internet ) and router
use aaa server (CISCO ISE 2.4) for authentication users .
my problem :
how remote access vpn users (L2TP Over IPSEC) can change password after connect ?
can i use cisco ise Guest Portal for this problem ? if yes , how ?
thanks
12-06-2020 12:49 AM
is this a AD integration or Local users in ISE ?
12-06-2020 01:08 AM
Local users in ISE
12-06-2020 02:24 AM
@hamidreza.taghipur You can create a MyDevices portal, they can change the password once logged into the portal. This will change their internal ISE password used for the VPN.
HTH
12-06-2020 07:20 AM
Thanks for reply ,
I create device portal the same sample
But users after connect vpn , can not open portal url (https://ise ip:8443) and just show certificate error page , should i create authorize rule for this ?
12-06-2020 07:56 AM - edited 12-06-2020 08:14 AM
When you say certificate error, is it just that the users don't trust the certificate in use on that portal? If they just acknowledge the certificate error, they should be able to continnue and the portal will be presented. If you don't want this error you could use a certificate signed by a public CA.
Provide a screenshot if that is not the case.
12-06-2020 08:20 AM
Excuse me
my purpose in certificate error was " this is blank page with certificate error "
And i have not login change password page
12-06-2020 09:06 AM
So you created a mydevices portal using the example you provided?
Did you configure it to listen on port 8443 as you specified?
Provide screenshots of your mydevices portal configure and the error you get.
12-06-2020 10:13 PM
i send my config screenshot , i have not any logs endpoint id after connect vpn clients , and no endpoint identity group
12-07-2020 01:59 AM
Under the portal configuration, click the portal test URL - use that url. Alternatively define an FQDN under the configuration, you'll need a DNS entry on your internal DNS server.
12-07-2020 06:28 AM
The problem could not be solved
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: