Solved

How does authentication happen in a Certificate based VPN connection.

Posted on 2011-03-11
4
345 Views
Last Modified: 2012-05-11
How does authentication happen in a Certificate based VPN connection.

This is the scenario in our company

There is a Microsoft CA server which issues certificates to the AD users.

A user was terminated . We disabled his AD account. Does the VPN certificate locally stored on the user's computer be enough to connect to our Network, till the certificate expires.

do we need to revoke his certificate manually from CA server.
0
Comment
Question by:Ramanand_R_Uni
  • 2
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
x3man earned 250 total points
ID: 35108068
Won't the user still need to pass their credentials when connecting to the VPN? In which case the user will not be able to connect as you have disabled their account. The certificate will still be a valid certificate but as it also requires a valid user account then it won't allow access on it's own.
0
 

Author Comment

by:Ramanand_R_Uni
ID: 35108866
The AD account is already disabled. The employee is terminated and we don't want him to access our network anymore. So as per your suggestion user should not be able to connect to VPN
0
 

Author Comment

by:Ramanand_R_Uni
ID: 35108880
The way our VPN works is just with the certificate. user doesn't have any other credentials to enter while connect. Its just a one click connect with a a certificate authentication
0
 
LVL 9

Expert Comment

by:x3man
ID: 35109174
Sounds like it would be a good idea to revoke the certificate.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now