Cisco 3.3 User Manual
Page 785

E-5
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix E VPDN Processing
VPDN Process
Figure E-7
NAS Authenticates Tunnel with ACS
7.
After authenticating, the tunnel is established. Now the actual user
([email protected]) must be authenticated. See
Figure E-8
VPDN Tunnel is Established
8.
The HG now authenticates the user as if the user dialed directly in to the HG.
The HG might now challenge the user for a password. The Cisco Secure ACS
at RSP can be configured to strip off the @ and domain before it passes the
authentication to the HG. (The user is passed as [email protected].) The
HG uses its ACS to authenticate the user. See
Username = home_gate
Password = CHAP_stuff
Corporation
VPDN user
User = mary@corporatio
ACS
RSP
ACS
CHAP response
Corporation
VPDN user
User = mary@corporatio
ACS
RSP
ACS