Security Basics mailing list archives

RE: 2 factor authentication through vpn ?


From: stephen at unix dot za dot net <stephen () unix za net>
Date: Mon, 9 Jun 2003 08:02:53 +0200 (SAST)


for my vpn i only allow 2 pc's outside of the internal to connect.  1 in
one office and 1 in another.

pretty basic setup..

users dialup to their own isp, then connect to my win2k vpn server via a
freebsd nat/gateway pc.

2 users have vpn access pwd's which are different to their normal pwd.

and then just to make sure it's them, the dhcp server only serves 2 vpn ip
addresses which have to match the MAC address on the NIC... probably not
the best way, but at least i know when they are connecting they are connecting
from the office pc's (unless someone stole the NICs or broke into the
office).

so if the MAC address doesn't match, the connection is dropped because
it won't get issued an IP.

stephen.


--
Success On Hold
(www.soh.co.za)

stephen () unix za net
tel: (031) 207 4811



On Thu, 5 Jun 2003, Dr. S. A. Vetha Manickam wrote:

Another best option would be going for a PKI based solution. Either you can buy only a few
certificates on smart cards for roaming users or one can implement simple PKI in many
forms including OpenPKI.

Even though SecurID provides a one-time password technique, it can never be used for
secure communications. If you want secure communication with strong authentication, then
VPN clients with certificates on smart card.


