Conc.VPN 3000 + user certificates + radius

Discussion in 'Cisco' started by Christophe, Jan 18, 2004.

  1. Christophe

    Christophe Guest

    Hi!

    We use a CISCO VPN Concentrator 3005 (firmware: 3.6.6) as our IPSEC
    gateway for remote connections.
    We previously used an Activcard radius system to authentify our users,
    but now we want to setup a certificate based authenfication (with
    smartcard tokens).
    We use an Open source PKI to generate our authentification
    certificates. We succeed in configuring the CISCO to support this
    mode. The OU=<branch> is used to identify the user's group. To check
    the users authorization, we want to use a Radius server.

    We wonder if in this case a login/password will be asked to the remote
    users or if the CISCO directly provides the certificate's DN (or any
    other certificate's fields) to the radius server after the
    authentification?

    We did not setup a radius yet, that's why I ask the question :)
    (We hope that no login/password is required : it seems "useless" to
    ask a login ans a password to the user because the authentification
    has been verified durint the IPSEC phase1 negociation).

    Thanks.

    Christophe
    Christophe, Jan 18, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Julio F
    Replies:
    0
    Views:
    706
    Julio F
    Nov 12, 2003
  2. Mike W.

    Saving VPN Conc 3005 config?

    Mike W., Jun 9, 2004, in forum: Cisco
    Replies:
    1
    Views:
    493
    Rik Bain
    Jun 9, 2004
  3. soldara
    Replies:
    1
    Views:
    4,655
    soldara
    Sep 13, 2004
  4. Walter Steiner
    Replies:
    0
    Views:
    724
    Walter Steiner
    Jul 19, 2005
  5. Lord Amoeba

    Self-issued certificates and commercial certificates.

    Lord Amoeba, Apr 30, 2004, in forum: Computer Security
    Replies:
    2
    Views:
    934
    David W.E. Roberts
    May 5, 2004
Loading...

Share This Page