All Topics » Pulse Mobile Clients

Change temporary password through Radius - Cisco ACS 5.7

Contributor (0)
Jan 13, 2016 8:32pm
I'm running my primary authentication against OCSP checks and extracting the values of the CN and OU fields of the CERT to determine what role a user will be dropped in to.It's working great.

I have a Cisco ACS 5.7 setup as a RADIUS Server sitting behind my MAG2600s for second authentication.
The authentication is working as expected, but I can't get the 'password prompt' pushed through the pulse client and force the user to change their password when logging in for the first time. After speaking with Cisco, the ACS pushes the prompts through with MS-CHAP. I don't think my MAG2600 supports MS,-CHAP.


Pulse Secure Contributor (40)
Apr 15, 2016 4:16am
Yes, that is correct: the PCS appliances do not support MS-CHAP. I would recommend putting in an enhancement request through your account team