Firewall Wizards mailing list archives

RE: securid authentication transparent to radius?


From: "LeGrow, Matt" <Matt_LeGrow () NAI com>
Date: Wed, 6 Dec 2000 09:47:28 -0800

Thomas,

The proxy will probably be able to handle the basic authorization
transactions.  But the important thing is that it has to handle
RADIUS challenges.  The SecurID protocol can allow for multiple
challenges over the same session in certain circumstances (next
tokencode, setting a user PIN, etc) so the RADIUS proxy needs to
handle those situations to be 100% "SecurID compliant".

We used to test RADIUS challenge-response by using the Livingston
RADIUS server (used to be at ftp://ftp.lucent.com) and trying to use
the presupplied sample menus for login.  They use the RADIUS
challenge-response capabilities to carry user menus with different
authentication options back to the NAS.  So if your proxy can carry
those responses back to the NAS you should be okay for SecurID.

Matt LeGrow
Network Associates, Inc.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Note : Opinions expressed herein are most certainly NOT that of my
employer :-)


-----Original Message-----
From: Kraemmer Thomas [mailto:Thomas.Kraemmer () fth2 siemens de]
Sent: Thursday, November 30, 2000 9:26 PM
To: 'firewall-wizards () nfr net'
Subject: [fw-wiz] securid authentication transparent to radius?


Hi!

Can anybody tell me if securid authentication is completely
transparent to a radius proxy?

If I got a securid-aware radius server like CiscoSecure or
Steelbelted radius is it possible to put a standard radius proxy
between the client and this securid server or must this radius
proxy also be securid-aware?

Thanks in advance
Thomas

--
kraemmer () sbs de

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards



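A check for the proxy behaviour discussed in this thread, as an added example that is not part of the original messages: it compares a RADIUS Access-Challenge as the back-end server sent it with what the proxy passed on to the NAS, and reports whether the packet code, Reply-Message and State survived. Packet codes and attribute types are taken from RFC 2865; the sample packets are constructed, and the authenticator is a zeroed placeholder that is not compared, since a proxy recomputes it per hop.

```python
import struct

ACCESS_REJECT, ACCESS_CHALLENGE = 3, 11           # RFC 2865 packet codes
REPLY_MESSAGE, STATE, PROXY_STATE = 18, 24, 33    # RFC 2865 attribute types

def build(code, ident, attrs):
    """Encode a RADIUS packet; the authenticator is a zeroed placeholder."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH16s", code, ident, 20 + len(body), b"\0" * 16) + body

def parse(packet):
    """Return (code, [(type, value), ...]); raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the RADIUS header")
    code, _ident, length, _auth = struct.unpack("!BBH16s", packet[:20])
    if not 20 <= length <= len(packet):
        raise ValueError("bad length field")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("bad attribute length")
        alen = packet[pos + 1]
        attrs.append((packet[pos], packet[pos + 2:pos + alen]))
        pos += alen
    return code, attrs

def relay_problems(before, after, watched=(REPLY_MESSAGE, STATE)):
    """List what changed between a packet entering and leaving the proxy.
    Identifier, authenticator and Proxy-State are hop-local and ignored."""
    code_a, attrs_a = parse(before)
    code_b, attrs_b = parse(after)
    problems = []
    if code_a != code_b:
        problems.append(f"code changed {code_a} -> {code_b}")
    for t in watched:
        va = [v for k, v in attrs_a if k == t]
        vb = [v for k, v in attrs_b if k == t]
        if va != vb:
            problems.append(f"attribute {t} not relayed intact")
    return problems

# Constructed samples: a "next tokencode" challenge and two possible relays.
PROMPT = (REPLY_MESSAGE, b"Enter next tokencode")
CHALLENGE = build(ACCESS_CHALLENGE, 7, [PROMPT, (STATE, b"sess-01"), (PROXY_STATE, b"hop1")])
GOOD_RELAY = build(ACCESS_CHALLENGE, 42, [PROMPT, (STATE, b"sess-01")])
BAD_RELAY = build(ACCESS_REJECT, 42, [PROMPT])  # challenge flattened to a reject, State lost
```

The same comparison applies in the other direction: the follow-up Access-Request from the NAS must reach the server with the State value unchanged.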