Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1521
Views
0
Helpful
1
Replies

vpn client radius ad password change

Cameron Webster
Level 1
Level 1

‎04-26-2012 12:35 AM - edited ‎03-10-2019 07:02 PM

Hi

I've read a few posts about this on the forum and it seems like very few people are able to resolve the issues they are having.

I have a working remote access vpn and I'm trying to add the password-expiry functionality.  I've set a test user in AD to "change password at next logon" and when I logon using this user in the vpn client (5.0.07.0410) I am prompted for a box to type my new password twice.  This is never written back to the server and the original authentication box pops up again.  The password change box has the codes E=648, R=0, V=3 as in the attached image.

Does anyone have this working with radius and AD?  A windows password change would normally request the old password to reauthenticate and then the new password twice.

Thanks

Cammy

Labels:
Preview file
18 KB
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎04-26-2012 02:54 PM

Cammy,

Are you using radius to authenticate the vpn session or are you using ldap which is pointing to AD for authentication? This will work with radius since you can use mschap v2, however i want to be sure how you have your ASA setup first.

Thanks,

Tarik Admani

0 Helpful
Customers Also Viewed These Support Documents