Security Basics mailing list archives
RE: 2 factor authentication through vpn ?
From: stephen at unix dot za dot net <stephen () unix za net>
Date: Mon, 9 Jun 2003 08:02:53 +0200 (SAST)
for my vpn i only allow 2 pc's out side of the internal to connect. 1 in one office and 1 in another. pretty basic setup.. users dialup to their own isp, then connect to my win2k vpn server via a freebsd nat/gateway pc. 2 users have vpn access pwd's which are different to their normal pwd. and then just to make sure it's them, the dhcp server only serves 2 vpn ip addresses which have to match the MAC address on the NIC... probably not the best way, but atleast i know when they connecting they are connecting from the office pc's (unless someone stole the NICs or broke into the office). so if the MAC addresses doesn't match, the connection is dropped because it won't get issued an IP. stephen. -- Success On Hold (www.soh.co.za) stephen () unix za net tel: (031) 207 4811 On Thu, 5 Jun 2003, Dr. S. A. Vetha Manickam wrote:
Another best option would be going for PKI based solution. Either you can buy only few certificates on smart cards for roaming users or one can implement simple PKI in many form inclduing OpenPKI. Even though SecureID provides a one time password techniques, it can never be used for secure communications. If you want secure communication with strong authentication, then VPN clients with certificates on smart Card. --- ===== __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- 2 factor authentication through vpn ? fuzion . (Jun 05)
- <Possible follow-ups>
- RE: 2 factor authentication through vpn ? Nina V. Levitin (Jun 05)
- RE: 2 factor authentication through vpn ? Dr. S. A. Vetha Manickam (Jun 06)
- RE: 2 factor authentication through vpn ? stephen at unix dot za dot net (Jun 09)
- RE: 2 factor authentication through vpn ? Dr. S. A. Vetha Manickam (Jun 06)