[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: User Authentication for home-office scenario

To: ipsec@xxxxxxx, sanjay <sanjay@xxxxxxxxxxxxx>
Subject: Re: User Authentication for home-office scenario
From: Ran Atkinson <rja@xxxxxxxx>
Date: Tue, 30 Dec 97 02:39:02 GMT Standard Time
References: <>
Sender: owner-ipsec@xxxxxxxxxx

--- On Wed, 24 Dec 1997 19:27:58 -0800  sanjay <sanjay@ukiahsoft.com> wrote:

> My question (below) relates to an IPSEC implementation of
> a VPN between a mobile/home user's PC and a corporate VPN 
> gateway/firewall protecting a secured network.
> 
> Is there a standard for authenticating the user with the
> VPN server? The idea is that once the mobile user
> authenticates with the authentication service at the
> VPN server, he can be allowed into the secured network. 
> 
> I am more interested in a standard protocol/message exchange
> sequence (based on some standard) as opposed to different
> schemes such as user/password, one-time-passwords, token cards
> etc.
> 
> What do most commercial remote-user/corporate-VPN-server 
> implementations do for user authentication? Do they use
> proprietary protocols?
---------------End of Original Message-----------------

There are a number of possible approaches.

One reasonable approach is to use RADIUS Authentication
and the RADIUS Mandatory Tunneling Attribute to specify
the IPsec tunnel endpoint relative to the dialup TAC.

Ran

References:
- User Authentication for home-office scenario
  - From: sanjay

Prev by Date: Re: Results of the IPSEC document reading party
Next by Date: Re: a drop/bypass action negotiation issue
Previous by thread: User Authentication for home-office scenario
Next by thread: Breaks compatablity
Index(es):
- Date
- Thread