RE: Double authentication (User & Machine) with VPN SSL

From: Weatherford, Chad (CWeatherford_at_scvl.com)
Date: 10/13/05

  • Next message: Ryan, Neil (Mission Systems): "RE: Change MTU settings on Solaris 5.9"
    Date: Thu, 13 Oct 2005 16:53:45 -0500
    To: "Peyman" <peyman.secu@gmail.com>, <security-basics@securityfocus.com>
    
    

    What are your remote users connecting to on your end? A firewall,
    concentrator?
     

    -----Original Message-----
    From: Peyman [mailto:peyman.secu@gmail.com]
    Sent: Thursday, October 13, 2005 12:36 PM
    To: security-basics@securityfocus.com
    Subject: Double authentication (User & Machine) with VPN SSL

    Dear all,

      I was wondering if with a VPN SSL solution, it is possible to
    authenticate the user and the machine both, with their certificates.
      I know that this could be possible with IPSec Over L2TP (machine
    authentication with L2TP, and user authentication with IPSec), and not
    possible with pure IPSec (just a basic login/password with X-Auth
    available in IKE for a user authentication).
      Just to precise my needs :
        - I'd like to authenticate my users with a certificate because
    this is useful for a remote vpn connection, and also for others needs
    (emails, access to some ressources, applications, etc.)
        - I'd like to authenticate the corporate laptops with a unique
    certificate stored securely on it : this is useful to only allow a
    full network access to the corporate network to trusted machines, and
    also to revocate certificates of laptops that might be stolen/lost.

    Thanks a lot for any help,
    Peyman


  • Next message: Ryan, Neil (Mission Systems): "RE: Change MTU settings on Solaris 5.9"