Guest

Preview Tool

Cisco Bug: CSCun25809 - AnyConnect Password Management Fails with SMS Passcode

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.0(2)

Description (partial)

Symptom:
When using 'SMS Passcode' for AAA for AnyConnect clients, the password management feature configured on the ASA fails ("password-management").  

The end result is that the client password expires, and the AnyConnect client is not able to reset the password from the AnyConnect GUI prior to expiration.

This failure is seen with ASA version 9.0.2, and possibly other versions.

**This bug seems to only affect password expiration for client (AnyConnect) connections.  This behavior has not been seen on webvpn (clientless) connections.

Conditions:
All of the following conditions must be met:
1. ASA is configured for "password-management"
2. SMS Passcode is used as the AAA server for client authentication
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.