Security Basics mailing list archives

Double authentication (User & Machine) with VPN SSL

From: Peyman <peyman.secu () gmail com>
Date: Thu, 13 Oct 2005 19:35:50 +0200

Dear all,

  I was wondering if with a VPN SSL solution, it is possible to
authenticate the user and the machine both, with their certificates.
  I know that this could be possible with IPSec Over L2TP (machine
authentication with L2TP, and user authentication with IPSec), and not
possible with pure IPSec (just a basic login/password with X-Auth
available in IKE for a user authentication).
  Just to precise my needs :
    - I'd like to authenticate my users with a certificate because
this is useful for a remote vpn connection, and also for others needs
(emails, access to some ressources, applications, etc.)
    - I'd like to authenticate the corporate laptops with a unique
certificate stored securely on it : this is useful to only allow a
full network access to the corporate network to trusted machines, and
also to revocate certificates of laptops that might be stolen/lost.

Thanks a lot for any help,
Peyman

Current thread:

Double authentication (User & Machine) with VPN SSL Peyman (Oct 13)
- <Possible follow-ups>
- RE: Double authentication (User & Machine) with VPN SSL Weatherford, Chad (Oct 14)
- RE: Double authentication (User & Machine) with VPN SSL Roger A. Grimes (Oct 14)
  - Re: Double authentication (User & Machine) with VPN SSL Peyman (Oct 14)
- RE: Double authentication (User & Machine) with VPN SSL Roger A. Grimes (Oct 21)