From owner-freebsd-questions Fri Apr 20 6:58:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from stargate.compuware.com (stargate.compuware.com [166.90.248.158]) by hub.freebsd.org (Postfix) with SMTP id 87A1C37B422; Fri, 20 Apr 2001 06:58:04 -0700 (PDT) (envelope-from Bill.Barkell@compuware.com) Received: from [199.186.16.12] by stargate.compuware.com via smtpd (for hub.freebsd.org [216.136.204.18]) with SMTP; 20 Apr 2001 13:58:04 UT Received: from bh1.compuware.com (compuware.com [172.22.1.239]) by cwus-dtw-mr02.compuware.com (Postfix) with ESMTP id 1667B74EF6; Fri, 20 Apr 2001 09:58:03 -0400 (EDT) Received: by bh1.compuware.com with Internet Mail Service (5.5.2653.19) id ; Fri, 20 Apr 2001 09:58:02 -0400 Message-ID: From: "Barkell, Bill" To: 'Tony Landells' , Otter Cc: questions@FreeBSD.ORG, security@FreeBSD.ORG Subject: RE: remote SecureID authentication anyone? Date: Fri, 20 Apr 2001 09:57:58 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Secure ID can be set up for VPN in the following manner: (there may be other ways as well) 1) VPN gateway is connected to internet 2) SecureID ACE server is set up on internal network 3) VPN gateway is told to pass authentication to the ACE server Client connects to the gateway, conversation takes place between the gateway and the ACE server, gateway grants access to client. This does work with several popular VPN gateway products. William Barkell Network Security Analyst Corporate Information Systems Compuware Corporation 31440 Northwestern Highway Farmington Hills, MI 48334 -----Original Message----- From: Tony Landells [mailto:ahl@austclear.com.au] Sent: Friday, April 20, 2001 3:33 AM To: Otter Cc: questions@FreeBSD.ORG; security@FreeBSD.ORG Subject: Re: remote SecureID authentication anyone? otterr@telocity.com said: > I'm looking to setup a machine in our office so a few of us can get in > on a VPN for network access after hours from home. I've heard VPNs are > possible. After discussing this with office management, they say the > only way we can do this is to use security in addition to passwords. > When I asked if our SecureID cards/keychains would work, they agreed > on it. Now... has anyone got this setup or something similar? I looked > on the mailing list archives with no luck... searched some web > pages... I even remember ssh2 using it, but now I don't see any > reference to it in the openssh or ssh2 makefiles. Answers and/or > suggestions are greatly appreciated. To some extent this depends what you're intending to use for your VPN. The SecurID server can be configured to handle RADIUS authentication, so any VPN software that can do RADIUS can do SecurID. Tony -- Tony Landells Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message