SSL VPN users prompted to change password at every login attempt
03/26/2020 19 12317
When users try to connect to SSL VPN using NetExtender, after entering the credentials they are prompted to change the password. This is repeated at the next login attempt.
The option, Apply password constraints for all local users, is unchecked.
This behavior occurs when the option, Enforce password complexity, is enabled and Complexity Requirement has been set under System > Administration under the Login Security section but SSL VPN users have been set a password which does not meet the complexity requirements.
No error is displayed when a password without complexity is set for the SSL VPN user because the option, Apply password constraints for all local users, is disabled.
The administrator of the appliance has two options to work around this behavior:
1. Either Disable Complexity Requirement under System > Administration page.
2. Or set a password which meets the complexity requirements set under the page.