Filter
Top Products
4
5. Partner ACE/Agent configuration
Supported authentication types with RSA SecurID product
Client-initiated authentication
Client initiated authentication means that the user starts the authentication process. It can be
done with two tools: Authentication Client software (part of StoneGate VPN Client software)
or using Telnet to connect to the firewall cluster on port 2543.
It is possible to authorize the client's IP address for a period of time with client initiated
authentication. It is also possible to authorize the next opening connection from the client.
The authorization part is specified in the access rule base.
Firewall-initiated authentication
Firewall-initiated authentication means that the firewall cluster starts the authentication
process. It can be used only with the Authentication Client software. This software is part of
StoneGate VPN Client software.
In firewall initiated authentication the firewall makes the connection to the client. This
naturally requires that the client is reachable, e.g. there can't be NAT between firewall
engine and the client.
With firewall initiated authentication it is also possible to authorize either the client's IP
address or the current connection.
No software, other than StoneGate Management system and StoneGate firewall -engine are
required to support Client initiated authentication, though the Authentication Client software
included in the StoneGate VPN Client can be used.
For Firewall initiated authentication support the StoneGate Authentication Client software
MUST be used.