Re: [Fed-Talk] Authenticate VPN on Mac with CAC
Re: [Fed-Talk] Authenticate VPN on Mac with CAC
- Subject: Re: [Fed-Talk] Authenticate VPN on Mac with CAC
- From: "Shawn A. Geddis" <email@hidden>
- Date: Thu, 20 Sep 2007 13:52:58 -0400
Robert,
Paul is correct, but I wanted to clarify that last statement made
about VPN on the Mac.
Cisco VPN software can't use a CAC for authentication from the Mac
Paul is absolutely correct that the Cisco Client does not support
Smart Cards at all on Mac OS X, However, the built-on Remote Access
Client ("Internet Connect") DOES support Smart Card authentication to
Cisco VPN Concentrators. We have customer who have been using this
for almost 2 years. Typical connectivity is done via L2TP over IPSec
using Smart Cards (EAP-TLS) as well as machine certificates.
Others using Juniper VPN are usually wanting to leverage SSL VPN
solutions. One would simply launch Safari and reference the Juniper
box to begin the SSL VPN negotiation by the OS..
Again, this was just to clarify....
-Shawn
On Sep 20, 2007, at 11:04 AM, Paul Nelson wrote:
This really depends on what kind of VPN solution you are using.
Cisco VPN software can't use a CAC for authentication from the Mac,
but a
Juniper VPN will work and has been tested by the Army.
As for the Apple software, I'm not aware of anyone using that.
Paul Nelson
Thursby Software Systems, Inc.
on 9/20/07 9:44 AM, Robert Kerr at email@hidden wrote:
We are required to use the CAC when when connecting via VPN. PC's
on site
can do this. Is there a way to do this on the Mac. Anyone in the
Air Force
been successful with this? I see that I can use the VPN client
built into
the Mac and point to the cert on my CAC.
What's involved in setting this up? I need to give the PC network
people
more info on this.
Thank You
Robert
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
- Shawn
___________________________________________
Shawn Geddis T (703) 264-5103
Security Consulting Engineer C (703) 623-9329
Apple Enterprise Sales email@hidden
Apple, Inc.
2350 Corporate Park Drive 6th floor
Herndon VA 20171
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden