[VPN] SSL VPN and radius authentication

shannong shannon at gillenwater.name
Wed Jun 23 13:45:37 EDT 2004


 
The Juniper/Netscreen/Neoteris SA has two options for this. To simply pass a
username only, you could just create a bookmark for the appropriate group of
users that said http://mysite.com?username=<username>.  The appliance would
then simply substitute the users name when calling the URL.
 
It has a more sophisticated SSO option for form pages and other types.  You
can definitely pass credentials using by substituting the user's name and
password as input tags for when using the POST method.  
 
The username and password being passed do not need to be the same as the
login for the VPN portal.  Other attributes can be queried via RADIUS or
LDAP and passed as well.  The appliance supports variables to pass other
items like an OU, groupname, etc.
 

  _____  

From: vpn-bounces+shannong=texas.net at lists.shmoo.com
[mailto:vpn-bounces+shannong=texas.net at lists.shmoo.com] On Behalf Of
François-Eric Guyomarch
Sent: Tuesday, June 22, 2004 9:23 AM
To: 'vpn at lists.shmoo.com'
Subject: [VPN] SSL VPN and radius authentication



All, 

I am looking for an SSL VPN solution that can adress the following
requirements: 
        1. Can support delegation of authentication to  RADIUS
servers(multiples for failover) 
        2. Can support external group definition(RADIUS attribute or LDAP) 
        3. Can support user identification forwarding to backend
application. a.k. 
                user johndoe connects to http://mysite.com 
                SSL VPN authenticates johndoe to RADIUS server 
                SSL VPN connects user to backend application passing
username in URL : http://mysite.com?username=johndoe

       
Obviously lots of SSL VPn support 1. and 2. but I am having a hard time
finding SSL VPN solution that can do 3. I have found F5 firepass only so far

Does anyone knows of other possible solution? 

thanks 
  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20040623/b97609c3/attachment.htm 


More information about the VPN mailing list