Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Herschel_Liang
Collaborator

Serveral question about Identity Awareness in VPN

Hi all,

1. Identity Awareness VPN: when client dail to gw, which will authenticate with AD? GW or SMC? Or GW cached authentication message in local?
2. How to config two-factor authentication in VPN? If I want to config another factor is OTP in Mobile access VPN, CP only support RSA?
3. Can we config two-factor authentication only in Radius server?

Best Regards!

5 Replies
PhoneBoy
Admin
Admin

In general, if you want to configure multi-factor authentication, RADIUS is the mechanism to do it.

Legacy SecurID is also supported, but even SecurID uses RADIUS these days.

The authentication occurs between the gateway and the RADIUS (or SecurID) server.

If you want to require multiple authentication schemes (e.g. Certificates plus Password, be it with RADIUS or whatever), then refer to: Multiple Authentication Schemes for Mobile Access / Remote Access 

0 Kudos
Herschel_Liang
Collaborator

We want to use two-fator authentication in our production enviroment, mobile access vpn and Endpoint Security VPN. Which combinations need client license? THX!

0 Kudos
PhoneBoy
Admin
Admin

Mobile Access VPN uses Mobile Access licenses, which are based on concurrent users connected to gateway.

Endpoint Security VPN requires Endpoint Licenses, which are based on number of hosts installed.

The authentication you use isn't relevant to the above. 

Herschel_Liang
Collaborator

OK, THX! Another about IA+VPN question, CP cooperate with Radius server(cooperate with LDAP+OTP), we want to input

username: LDAP username

PSW:      LDAPpsw+OTP                in VPN authentication login.

Can it come true in CP? 

0 Kudos
PhoneBoy
Admin
Admin

The SK I linked in my original response explains how the VPN client supports multiple authentication schemes (specifically how to require more than one).

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events