Introduction |
This chapter describes a certificate-based VPN IPSec connection of the bintec secure IPsec client™ to a bintec R3000™ VPN gateway. An owned certification authority (OpenSSL CA) is set up to generate the required certificates in PKCS#12 format. When the VPN tunnel is set up, a dynamic IP address is assigned to the bintec secure IPSec client™ (per IKE config mode). The solution can be optionally upgraded with one-time password request. Here, a one-time password in generated with a KOBIL SecOVID™ token authenticated on the KOBIL SecOVID™ server.
Example scenario
A bintec VPN gateway e.g. bintec R3000™ with system software 7.8.7 (XAuth support)
A bintec secure IPSec client™
VPN gateway and VPN client each require an independent Internet connection
Optionally, a KOBIL SecOVID™ server installed on a Microsoft Windows computer (e.g. Server 2003 (32 Bit))
Copyright© Version 01/2020 bintec elmeg GmbH |