beautypg.com

Transparent mode access, User authentication, User authorization – Nortel Networks NN46120-104 User Manual

Page 20

background image

20

Introducing the VPN Gateway

Transparent Mode Access

Access to intranet resources in transparent mode, that is, without going
through the Web Portal, is accomplished using Windows VPN clients
installed on the client PCs. In this mode, remote users will experience
network access as if sitting within the local area network. The following
VPN clients are available:

Nortel SSL VPN client (TDI and LSP version).

Nortel IPsec VPN client (formerly the Contivity VPN client). Not
supported on the ASA 310, ASA 310-FIPS and ASA 410 hardware
models.

Net Direct installable client.

User Authentication

User authentication is supported using the following methods:

RADIUS (including Challenge/Response)

LDAP (including Microsoft Active Directory)

NTLM (Windows NT Domain, including Microsoft Active Directory)

Secure Computing SafeWord (RADIUS)

Netegrity SiteMinder

RSA SecurID (native or through RADIUS)

RSA ClearTrust

ActivCard (RADIUS)

Novell NDS/eDirectory (LDAP)

Client certificate authentication

Local database authentication

User Authorization

User authorization is controlled through the user’s group membership. Two
different authorization profile types are supported:

The base profile defines a group member’s access rights to networks,
services and paths.

The extended profile (optional) also defines a group member’s access
rights depending on conditions related to the user’s connection, for
example, source network, authentication method, access method,
client certificate installed and/or Tunnel Guard checks passed.

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.