Juniper Networks SSL VPN Implementation Guide

Short Description
any form or by any means without the written permission of CRYPTOCard Corp. Juniper Networks SSL VPN Implementation Guide …

Website: portal.cryptocard.com | Filesize: 253kb

Content
Copyright
Copyright . 2006, CRYPTOCard Corp. All Rights Reserved. No part of this publication may be
reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in
any form or by any means without the written permission of CRYPTOCard Corp.
Juniper Networks SSL VPN Implementation GuideJuniper Networks SSL VPN Implementation Guide 1
Juniper SSL VPN Overview
This documentation presents an overview and necessary steps to configure a Juniper SSL VPN for use
with CRYPTO-MAS and CRYPTOCard tokens. The Juniper SSL VPN is used to create an encrypted
tunnel between hosts. CRYPTO-MAS works in conjunction with the Juniper SSL VPN to replace static
passwords with strong two-factor authentication that prevents the use of lost, stolen, shared, or easily
guessed passwords when establishing a connection to gain access to protected resources.
With CRYPTO-MAS acting as the authentication server for a VPN enabled resource, an authenticated
connection sequence would be as follows:
1. The administrator configures the Juniper SSL VPN to use RADIUS Authentication.
2. The incoming RADIUS authentication request is relayed over to the CRYPTO-MAS Server as
shown in Figure 1 below.
Figure 1 - RADIUS authentication request is relayed to the CRYPTO-MAS Server
3. The CRYPTO-MAS Server examines the incoming packet. If the user exists, it then checks the
token associated with the user for the expected PIN + One-time password….