greetings!
I'm in process of building a FreeS/WAN VPN + filtering firewall between my
LAN and my 802.11b LAN. I'd like to authenticate with SecurID tokens as we
already have an ACE Server (ver 5.0 methinks). While I realize that IPSEC
VPN's usually uses public-private keys, I'm concerned that a laptop might
get into the wrong hands and then security doesn't matter too much.
Therefore, the two-factor authentication that RSA SecurID provides gives
us that extra layer of assurance that we'd like to have.
Does anyone know if this has been done anywhere or even similar
circumstances? Or perhaps what systems I should put together (http proxy +
FreeS/WAN?) to make this happen. I don't know how the authentication would
work since I'm only familiar with RSA's commercial clients under Windows.
Would I need a client on every wireless node or is it browser based? I
see that RSA offers the ClearTrust product with an Apache reverse proxy.
Is that part of what I might need? I know that ACEServer _does_ support
some subset of the RADIUS protocol if that gives anyone any ideas. I can
use a commercial or Free Software product on either GNU/Linux or Solaris.
Presently, I'm using DUCLING from the Linux Router Project , but I have no
problems moving to a hard drive solution.
thank you,
Jim
- James L. Russell -
Systems Administrator
Louis Dreyfus Corporation
email: [EMAIL PROTECTED]
