We are using Windows Vista SP1 VPN with RSA Authentication Agent for Windows v. 6.1.2 to connect to a Microsoft ISA 2006 Server with RSA Authentication Manager v. 6.1.2. We are using EAP with secure ID tokens. We have no problem in establishing the VPN connection and getting access to internal network resources! The problem arise when an administrator enables "User must change password at next logon" on the users domain account or when the users password expires.When the user then establishes the VPN connection at logon time, the user is not prompted by Vista for changing password (as it would if the user was directly on the company LAN)??? However since the domain require that the password must be changed, is seems that the user is not allowed access to the PC and the user is returned to the login screen!? The result is that the user is not able tologin tohis PC. Anyone seen this before? Is there a solution somewhere??Best regardsBobo

Hi Bobo, Thank you for posting. To make the issue clear, please let us know the following: 1. Please use the option Logon Using Dial-Up Connections when logon the computer via VPN. For detail steps, please refer to the following document: Where Is Logon Using Dial-Up Connections in Windows Vista? http://blogs.technet.com/grouppolicy/archive/2007/07/30/where-is-logon-using-dial-up-connections-in-windows-vista.aspx Please following the steps of Create a system dial-up connection in Windows Vista and Finding the equivalent of log on using dial-up connections. Please let us know if you are logging on in this way. If not, please provide detail steps of how you logon and capture a screen shot of the error. Capture a screenshot ============== 1) Press the Print Screen key (PrtScn) on your keyboard. 2) Click the "Start" menu, type "mspaint" in the Search Bar and Press Enter. 3) In the Paint program, click the "Edit" menu, click "Paste", click the "File" menu, and click "Save". 4) The "Save As" dialogue box will appear. Type a file name in the "File name:" box, for example: "screenshot". 5) Make sure "JPEG (*.JPG;*.JPEG;*.JPE;*.JFIF)" is selected in the "Save as type" box, click Desktop on the left pane and then click "Save". Please use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and share its URL with us. 2. Which Operating System the ISA server is running on? Windows Server 2003 or Windows Server2008? 3. Please let us know if IAS/NAP is used as RADIUS server for ISA 2006. Thanks.Nicholas Li - MSFT