Reset Search



KB40708 - Password change fails during an 802.1x authentication

« Go Back


Last Modified Date6/22/2017 2:04 PM
This KB discusses the number 1 cause of authentication failures when a user is required to change their password during an 802.1x authentication.
Problem or Goal
In an 802.1x environment where user authentication works successfully and you are using an 802.1x protocol that allows for password change, users intermittently or consistently fail during password change.
Time, the number one cause of authentication failures during password change during an 802.1x connection is time. To be more specific the 802.1x timer on the switch or WLC the user is connecting to. This timer is also often referred to as the EAP timer. If this timer, universally measured in seconds, is shorter than the time it takes for an average user to come up with and enter a new password then the authentication will time out.

As a matter of course please set the EAP timers for you 802.1x Radius clients to 1 minute or later.
Related Links
Attachment 1 
Created ByBrian Pimentel



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255