Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
602
Views
0
Helpful
1
Replies

can VPN3k SSLVPN authenticate user using both radius and cert?

zhichao
Level 1
Level 1

‎12-20-2005 04:56 AM - edited ‎02-21-2020 10:14 AM

The customer is planning to use SSLVPN client on the VPN3k.

The requirement is:

VPN3k will prompt user for username/password for radius authentication. If verification is successful, cisco will download it's ssl client and installs it into the user's pc.

They also want VPN3k to check whether the user has a certificate installed in his/her PC. If yes, then proceed to download the client. If no, then cisco will log the user out.

Can this be done?

Thanks in advance!

Labels:
0 Helpful
1 Reply 1

vkapoor5
Level 5
Level 5

‎12-26-2005 10:39 AM

My understanding on SSLVPN is as follows.

The main purpose of SSLVPN is to have access to the protected resource from "anywhere". By 'anywhere' I mean from any machines from Internet Kiosks, from your friend's home computer etc. So, the users will not have their certificates installed on these machines. The authentication will based only on the RADIUS authentication.

SSLVPN does not expect the clinet to authenticate. Only the server authenticates like in Internet transactions. But I also remember that the SSL protocol has an option to authenticate the client certificate.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents