Chapter 5 Establishing a VPN Connection

Choosing Authentication Methods

Figure 5-6 User Authentication for RADIUS

Enter your username and password and click OK.

Check the Save Password check box if you do not want to be prompted for your RADIUS password each time you start a VPN session using this connection entry.

Note If you cannot choose the Save Password option, your system administrator does not allow this option. If you can choose this option, be aware that using it might compromise system security, because your password is stored on your PC and is available to anyone who uses your PC.

If Save Password is checked and authentication fails, your password may be invalid. To eliminate a saved password, choose Erase User Password from the Connection Entries menu.

SecurID Authentication

RSA SecurID® authentication methods include physical RSA SecurID cards and keychain fobs, and PC software called RSA SecurID for passcode generation. RSA SecurID cards can vary. The passcode might be combination of a PIN and a card code, or you might be required to enter a PIN on the card to display the passcode. Ask your network administrator for the correct procedure.

When you use RSA SecurID passcodes for authentication:

The process varies slightly for different operating systems.

If you use physical RSA SecurID cards or keychain fobs, the VPN Client displays the appropriate RSA user authentication dialog box.

If you use RSA SecurID for passcode generation, it must be running on your workstation.

In most configurations, you use RSA SecurID with VPN group authentication. With this type of authentication, two prompts appear. The first prompt is for the VPN group name and password, and the RSA SecurID user authentication prompt follows (Figure 5-7).

VPN Client User Guide for Mac OS X

 

OL-5490-01

5-5

 

 

 

Page 59
Image 59
Cisco Systems OL-5490-01 manual SecurID Authentication, User Authentication for Radius