We curently use Cisco VPN clients ver 4.6.04 sucessfully (on Windows XP) with RSA SecurID hardware tokens and terminate the VPN on a 7206VXR router running IOS ver 12.3(15)
We are running some tests with the same VPN client terminating on the same 7206VXR but using RSA SecurID software tokens (generated by RSA software on the client PC - RSA software token ver 2.5.1).
Authentication works fine when using the RSA SecurID software in pinpad mode i.e when prompted for the username and password, the PIN is entered into the RSA software and a PASSCODE is generated which we then enter into the VPN client and our VPN is successful.
The question is, with this version of VPN client and VPN termination device is it possible to have the VPN client pull the passcode directly from the RSA software so that the user only has to enter their RSA PIN, without having to manually generate a PASSCODE? Please can anyone confirm?
Reading through Cisco documentation, this used to be possible using The 'Cisco VPN 3000 Client Version 2.5' VPN software. We have tried configuring the related Cisco VPN client .ini files and .pcf files without success. It appears to me that from ver 3.0 of the Clisco VPN client, this option was removed. Is there now only one type of VPN client for all types of VPN termination devices (VPN 3000, Pix and IOS devices/routers)?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...