5. Partner ACE/Agent configuration
Supported authentication types with RSA SecurID product
Client-initiated authentication
Client initiated authentication means that the user starts the authentication process. It can be done with two tools: Authentication Client software (part of StoneGate VPN Client software) or using Telnet to connect to the firewall cluster on port 2543.
It is possible to authorize the client's IP address for a period of time with client initiated authentication. It is also possible to authorize the next opening connection from the client. The authorization part is specified in the access rule base.
Firewall-initiated authentication
In firewall initiated authentication the firewall makes the connection to the client. This naturally requires that the client is reachable, e.g. there can't be NAT between firewall engine and the client.
With firewall initiated authentication it is also possible to authorize either the client's IP address or the current connection.
No software, other than StoneGate Management system and StoneGate firewall
For Firewall initiated authentication support the StoneGate Authentication Client software MUST be used.
4