[unisog] VPN Protection of Wireless Networks

Gary Flynn flynngn at jmu.edu
Tue Dec 18 21:03:10 GMT 2001


Patrick Darden wrote:
> 
> I believe we are talking about the same thing.  The username/password pair
> that I have been speaking about is the same as the pre-shared key you are
> talking about.  Here's the process as I understand it.  During the ESP
> negotiation phase (initial negotiation of an encrypted IPSEC tunnel) the
> client sends the username to the VPN engine.  The VPNe knows by the
> username which pre-shared key (password) to use.  They both begin using
> that password.  The password itself is never sent.

Thanks, Patrick and everyone else who responded.

I took the responses, dived into the Cisco and IPSEC RFCs, and
wrote a summary of what I believe to be the implications of the
various authentication methods.

http://www.jmu.edu/computing/security/vpnauth.shtml

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list