Virtual private networking
14
Copyright © 2005 Nokia. All rights reserved.
Authenticating to VPN gateways
You need to prove your identity when you log on to the
enterprise VPN. The VPN policy determines the
authentication method that you use:
• Certificate-based authentication — you must have a
certificate that a trusted certification authority signs.
You use online certificate enrollment to obtain the
certificate or you install certificates when you install
the VPN policy from a SIS file.
• Legacy authentication — you use user names and
passwords or passcodes to authenticate.
Administrators create the user names and passwords
or give you SecurID tokens to generate the passcodes.
If you use certificates for authentication, enter the key
store password.
If you use legacy authentication, key in VPN
authentication information when you use applications to
connect to VPN access points and the device negotiates
encrypted connections with the VPN gateway.
To use usernames and passwords to authenticate to a
VPN gateway, key in your VPN user name in VPN user
name and VPN password in VPN password. Press OK.
To use usernames and passcodes to authenticate to a
VPN gateway, key in your VPN user name in VPN user
name. Generate a SecurID passcode and key in it in VPN
passcode. Press OK.
If the SecurID token has become out of synchronisation
with the time clock of the ACE/Server, you are prompted
for the next passcode that the ACE/Server uses as a new
reference for the time base of the token. Key in your VPN
user name in VPN user name. Generate and key in a new
passcode in Next passcode and press OK. If this fails,
contact administrators.
Troubleshooting
This section lists error messages in alphabetical order,
describes the possible causes of the errors, and suggests
actions to recover from the errors.
Authentication failed.
• You key in an incorrect user name or password when
you authenticate to a VPN policy server or log on to a
VPN.
• You key in the wrong passcode when you are prompted
for the Next passcode.
Try the following solutions:
• Check your user name and password and try again.
• Generate and key in a passcode.
Automatic policy server logon failed. Enter policy server user
name and password to continue.
The certificate that authenticates you to the VPN policy
server expires or administrators revoke the certificate.
