VPN3k: HYBRID security properties in Cisco implementation

ovt
Level 4

Hi!

Does anybody know what security properties the HYBRID authentication method has in the Cisco implementation? Specifically, how do they transfer the HASH of the pre-shared key in the Notify Payload from the VPN Client to the concentrator? Is it protected by the concentrator's public key? Or is this still vulnerable to sniffing attacks?

Thx,

Oleg Tipisov,

REDCENTER

1 Reply

mchin345
Level 6

For the Cisco VPN 3000 Concentrator, Cisco VPN Client (software client) and Cisco VPN 3002 Hardware Client, Cisco has implemented a feature, Hybrid Authentication Mode for IKE.

Cisco's solution extends the Hybrid Auth model by additionally requiring a group pre-shared key for VPN group identification. The group pre-shared key is used solely to associate users with their appropriate VPN groups, followed by the XAUTH exchange that then authenticates the user.