5-5
VPN Client User Guide for Mac OS X
OL-5490-01
Chapter 5 Establishing a VPN Connection
Choosing Authentication Methods
Figure 5-6
User Authentication for RADIUS
Enter your username and password and click
OK
.
Check the
Save Password
check box if you do not want to be prompted for your RADIUS password each
time you start a VPN session using this connection entry.
Note
If you cannot choose the Save Password option, your system administrator does not allow this option. If
you can choose this option, be aware that using it might compromise system security, because your
password is stored on your PC and is available to anyone who uses your PC.
If
Save Password
is checked and authentication fails, your password may be invalid. To eliminate a
saved password, choose Erase User Password from the Connection Entries menu.
SecurID Authentication
RSA SecurID® authentication methods include physical RSA SecurID cards and keychain fobs, and PC
software called RSA SecurID for passcode generation. RSA SecurID cards can vary. The passcode might
be combination of a PIN and a card code, or you might be required to enter a PIN on the card to display
the passcode. Ask your network administrator for the correct procedure.
When you use RSA SecurID passcodes for authentication:
•
The process varies slightly for different operating systems.
•
If you use physical RSA SecurID cards or keychain fobs, the VPN Client displays the appropriate
RSA user authentication dialog box.
•
If you use RSA SecurID for passcode generation, it must be running on your workstation.
In most configurations, you use RSA SecurID with VPN group authentication. With this type of
authentication, two prompts appear. The first prompt is for the VPN group name and password, and the
RSA SecurID user authentication prompt follows (
Figure 5-7
).