Ask the Expert

How do I connect to our VPN with authentication ID?

I would like to connect wireless laptops to our VPN using a Nortel Contivity VPN gateway and RSA SecurID authentication. The catch is that the switch requires a group ID and password as well, and I'm not sure where to place those credentials in the SoftRemote Client in order to connect to this VPN

    Requires Free Membership to View

The Nortel VPN gateway uses XAUTH for RSE SecurID user authentication. XAUTH is an extension to standard IKE authentication that occurs after phase one pre-shared key authentication, before phase two IPsec tunnel establishment. Therefore, you should follow your VPN client's instructions for configuring a pre-shared key (not a certificate).

In SoftRemote, under the Phase 1 branch of the VPN gateway's configuration, choose Authentication Method = Pre-Shared Key; Extended Authentication. Then enter the Nortel's Group ID and password by clicking on the My Identity configuration. Choose ID Type = Domain Name, enter the Group ID in the field beneath ID Type, and then click on Pre-Shared Key to enter your Nortel's VPN gateway's password.

The wireless user will be prompted to enter his or her SecurID one-time password after IKE phase one authentication is successful using that pre-shared key. This ensures that a laptop with an installed VPN client and saved pre-shared key cannot be used to break into the VPN without the user's SecurID token.

This was first published in July 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: