[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Securid authentication for IKE client



Make sure to define your policy for Xauth support. Xauth is the only way to
get the securID info passed to the gateway. 

Also, any gateway you use MUST have specific support for ACE server features
within the Xauth exchange in order to work as customers want. "Ace advanced
features" are things like new-pin or next-key, which are ACE proprietary
equivalents to RADIUS access-challenge.

Gregory.

-----Original Message-----
From: Ravi
To: Mittal Harshwardhan-A18990
Cc: ipsec@lists.tislabs.com
Sent: 7/9/03 9:20 PM
Subject: Re: Securid authentication for IKE client

Hi,
          I am not sure whether CISCO5000 supports this or not. But, you
should have
          X-Auth support for this to work. Also, make sure that X-Auth
implementation
          supports RSA SecureID transactions by both VPN client and
CISCO 5000 servers.
      Regards
      Ravi

Mittal Harshwardhan-A18990 wrote:

> Hi all,
> 
> I am currently working on a VPN client and wants to get the client
authenticated using RSA Securid ACE card.
> I have all required information ( userid, passcode, acecard value).
> 
> IKE phase 1 is complete with some default group-id and password.
> 
> I am using Cisco 5000 series concentrator as a server which is not
under my conrol, 
> but I have my ace-card and laptop (windows and linux) client (provided
by Cisco) configured for the server,
> and I am able to estblish VPN session both from linux and windows.
> 
> My question is what is the packet format in which I can send my
ace-card credentials to the cisco server
> to get my client authenticated.
> What is the protocol, I think Cisco client is sending this info in
form of IKE informational exchange.
> but as the packet is encrypted using ISAKMPD SA I am unable to find
out the packet format.
> 
> thanks in anticipation
> 
> Regards,
> Harsh
> 

-- 


The views presented in this mail are completely mine. The company is not
responsible for whatsoever.
------------------------------------------------------------------------
Ravi Kumar CH
Rendezvous On Chip (i) Pvt Ltd
Hyderabad, India
Ph: +91-40-2335 1214 / 1175 / 1184

ROC home page <http://www.roc.co.in>