IPsec and User Authentication
Ole Vik
Ole.Vik at CONNECT.NO
Tue Feb 13 16:29:55 EST 2001
We are selling SonicWALLs and we use Radius for user validation/authenication. Mostly SecurID with their cards. This is a very easy implementation and scales well, if needed.
--
Ole Vik, Connect AS, Blakstadmarka 26, 1386 Asker, Norway.
Telephone +47-66 90 23 00. Telefax +47-66 90 23 05.
On 13. februar 2001 16:43, Tina Bird <tbird at PRECISION-GUESSWORK.COM> wrote:
>Hi all --
>
>I am in the middle of revising my VPN tutorial (the
>USENIX/SANS class), and in looking at the IPsec
>section a question has arisen.
>
>How many of you are using IPsec for remote access
>VPN -- that is, for replacing dial-ups for individual
>users, rather than site-to-site? If you are, what
>are you doing for user authentication?
>
>The book answers seem to be user-based digital
>certificates (if you've got some way to associate
>them with a user rather than a machine), one of the
>"hybrid" authentication mechanisms (XAUTH and its
>relatives), or some layering of IPsec with protocols
>like PPTP or L2TP (which include "traditional" user
>authentication support). But I'm curious to see
>what people who are really >doing< it are doing.
>
>Thanks for any info. For those who are curious,
>I will post results to the list -- and if you really
>want to get the gorey details, I'll be teaching the
>class at SANS in Baltimore in May.
>
>cheers -- tbird
>
>VPN: http://kubarb.phsx.ukans.edu/~tbird/vpn.html
>life: http://kubarb.phsx.ukans.edu/~tbird
>work: http://www.counterpane.com
>
>VPN is sponsored by SecurityFocus.COM
>
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list