RE: Double authentication (User & Machine) with VPN SSL

• Previous message: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
• Maybe in reply to: Peyman: "Double authentication (User & Machine) with VPN SSL"
• Next in thread: Roger A. Grimes: "RE: Double authentication (User & Machine) with VPN SSL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 13 Oct 2005 16:53:45 -0500
To: "Peyman" <peyman.secu@gmail.com>, <security-basics@securityfocus.com>

What are your remote users connecting to on your end? A firewall,
concentrator?
 

-----Original Message-----
From: Peyman [mailto:peyman.secu@gmail.com]
Sent: Thursday, October 13, 2005 12:36 PM
To: security-basics@securityfocus.com
Subject: Double authentication (User & Machine) with VPN SSL

Dear all,

  I was wondering if with a VPN SSL solution, it is possible to
authenticate the user and the machine both, with their certificates.
  I know that this could be possible with IPSec Over L2TP (machine
authentication with L2TP, and user authentication with IPSec), and not
possible with pure IPSec (just a basic login/password with X-Auth
available in IKE for a user authentication).
  Just to precise my needs :
    - I'd like to authenticate my users with a certificate because
this is useful for a remote vpn connection, and also for others needs
(emails, access to some ressources, applications, etc.)
    - I'd like to authenticate the corporate laptops with a unique
certificate stored securely on it : this is useful to only allow a
full network access to the corporate network to trusted machines, and
also to revocate certificates of laptops that might be stolen/lost.

Thanks a lot for any help,
Peyman

• Previous message: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
• Maybe in reply to: Peyman: "Double authentication (User & Machine) with VPN SSL"
• Next in thread: Roger A. Grimes: "RE: Double authentication (User & Machine) with VPN SSL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]