I would like to connect wireless laptops to our VPN using a Nortel Contivity VPN gateway and RSA SecurID authentication....
The catch is that the switch requires a group ID and password as well, and I'm not sure where to place those credentials in the SoftRemote Client in order to connect to this VPN
The Nortel VPN gateway uses XAUTH for RSE SecurID user authentication. XAUTH is an extension to standard IKE authentication that occurs after phase one pre-shared key authentication, before phase two IPsec tunnel establishment. Therefore, you should follow your VPN client's instructions for configuring a pre-shared key (not a certificate).
In SoftRemote, under the Phase 1 branch of the VPN gateway's configuration, choose Authentication Method = Pre-Shared Key; Extended Authentication. Then enter the Nortel's Group ID and password by clicking on the My Identity configuration. Choose ID Type = Domain Name, enter the Group ID in the field beneath ID Type, and then click on Pre-Shared Key to enter your Nortel's VPN gateway's password.
The wireless user will be prompted to enter his or her SecurID one-time password after IKE phase one authentication is successful using that pre-shared key. This ensures that a laptop with an installed VPN client and saved pre-shared key cannot be used to break into the VPN without the user's SecurID token.
Related Q&A from Lisa Phifer, Wireless Networking Expert
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert, Lisa Phifer explains that it may not be worth enhancing Wi-Fi ad hoc mode since Wi-Fi Direct is a better alternative for enabling ...continue reading
Wireless expert Lisa Phifer responds to a question regarding a Mi-Fi and Android smartphone mobile hotspot comparison. She provides an in depth ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.