Individual user authentication protects the central site
from access by unauthorized individuals on the VPN 3002 private network. It
accomplishes this by requiring each user to open a web-browser session and
manually enter a valid user name and password combination to gain access to the
network behind the VPN Concentrator, regardless of whether a VPN tunnel already
exists. A successful login results in the browser displaying the appropriate
default home page.
This feature can only be used with a browser, not the command-line
interface. Attempts to access non-web-based resources, such as e-mail, on the
network behind the VPN Concentrator will fail until a successful browser
authentication occurs.
To simplify the process and make it as transparent as possible to
the end users, this technology automatically intercepts any user attempting to
traverse the VPN tunnel and redirects that user to a browser page to authenticate.
Users needn’t start, or remember to start, the authentication themselves
because it’s done automatically. Users who are only attempting to access the
Internet via Split Tunneling aren’t prompted to authenticate. Each user
can maintain a maximum of four simultaneous login sessions.
Individual user authentication is configured on the VPN
Concentrator, which then pushes the policy down to the VPN 3002 at the next
connection.
Configuring Individual User Authentication
This feature is enabled on the same screen as the previous
feature. The menu selection is Configuration | User Management | Base Group, HW
Client parameters tab, as shown in Figure 15-24 in the previous section.
Check the Require Individual User Authentication check box.
This feature can be used separately or in conjunction with the Interactive
Hardware Client Authentication.