cancel
Showing results for 
Search instead for 
Did you mean: 

MAG2600 conducting RADIUS account lookups through a Cisco ACS 5.7 3415 appliances. Can't get password reset prompt.

New Contributor

MAG2600 conducting RADIUS account lookups through a Cisco ACS 5.7 3415 appliances. Can't get password reset prompt.

I'm running my primary authentication against OCSP checks and extracting the values of the CN and OU fields of the CERT to determine what role a user will be dropped in to.It's working great.

I have a Cisco ACS 5.7 setup as a RADIUS Server sitting behind my MAG2600s for second authentication.
The authentication is working as expected, but I can't get the 'password prompt' pushed through the pulse client and force the user to change their password when logging in for the first time. After speaking with Cisco, the ACS pushes the prompts through with MS-CHAP. I don't think my MAG2600 supports MS,-CHAP.


THOUGHTS ANYONE?
1 REPLY 1
Highlighted
Moderator

Re: MAG2600 conducting RADIUS account lookups through a Cisco ACS 5.7 3415 appliances. Can't get password reset prompt.

Yes, MS-CHAP is not supported; however, for this specific query of not being able to change the password, the larger concern is that the RADIUS auth server type does not support password management.