I would like to connect wireless laptops to our VPN using a Nortel Contivity VPN gateway and RSA SecurID authentication. The catch is that the switch requires a group ID and password as well, and I'm not sure where to place those credentials in the SoftRemote Client in order to connect to this VPN
The Nortel VPN gateway uses XAUTH for RSE SecurID user authentication. XAUTH is an extension to standard IKE authentication that occurs after phase one pre-shared key authentication, before phase two IPsec tunnel establishment. Therefore, you should follow your VPN client's instructions for configuring a pre-shared key (not a certificate).
In SoftRemote, under the Phase 1 branch of the VPN gateway's configuration, choose Authentication Method = Pre-Shared Key; Extended Authentication. Then enter the Nortel's Group ID and password by clicking on the My Identity configuration. Choose ID Type = Domain Name, enter the Group ID in the field beneath ID Type, and then click on Pre-Shared Key to enter your Nortel's VPN gateway's password.
The wireless user will be prompted to enter his or her SecurID one-time password after IKE phase one authentication is successful using that pre-shared key. This ensures that a laptop with an installed VPN client and saved pre-shared key cannot be used to break into the VPN without the user's SecurID token.
Dig Deeper on Wireless LAN (WLAN)
Related Q&A from Lisa Phifer
As the remote workforce increases, network managers and users might opt to set up two concurrent VPN connections from the same remote device. But ... Continue Reading
Is there a difference between a wireless access point vs. a router? Yes -- while the two wireless devices are related, they meet different needs in a... Continue Reading
Learn the differences between site-to-site VPNs vs. remote-access VPNs and find out about the protocols, benefits and the data security methods used ... Continue Reading