07-18-2005 06:30 AM
When using digital signature mode for authentication in a Hybrid IKE proposal, how does the VPN client confirm that any concentrator is the correct concentrator to connect to? As I have read the configuration documents, the client's only pieces of information are the DNS name/IP address of the concentrator that it is connecting to and the root certificate for the CA that issued the concentrator's cert. It seems to me that any device with a valid certificate issued from that CA could masquerade as a valid concentrator because its digital signature would be correct. I understand how the signature validates the information signed with it, but how does digital signature mode ensure that I am connecting to the right device? Does it do some matching based on the name within the certificate? Thanks in advance.
07-19-2005 06:16 AM
Shameless attempt to push this back up. Sorry.
01-15-2008 07:12 AM
Hi, just wondered if you ever got a reply on this?
Thanks
Colin