[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: User Authentication for home-office scenario




--- On Wed, 24 Dec 1997 19:27:58 -0800  sanjay <sanjay@ukiahsoft.com> wrote:

> My question (below) relates to an IPSEC implementation of
> a VPN between a mobile/home user's PC and a corporate VPN 
> gateway/firewall protecting a secured network.
> 
> Is there a standard for authenticating the user with the
> VPN server? The idea is that once the mobile user
> authenticates with the authentication service at the
> VPN server, he can be allowed into the secured network. 
> 
> I am more interested in a standard protocol/message exchange
> sequence (based on some standard) as opposed to different
> schemes such as user/password, one-time-passwords, token cards
> etc.
> 
> What do most commercial remote-user/corporate-VPN-server 
> implementations do for user authentication? Do they use
> proprietary protocols?
---------------End of Original Message-----------------

There are a number of possible approaches.

One reasonable approach is to use RADIUS Authentication
and the RADIUS Mandatory Tunneling Attribute to specify
the IPsec tunnel endpoint relative to the dialup TAC.

Ran



References: