How does authentication happen in a Certificate based VPN connection.

How does authentication happen in a Certificate based VPN connection.

This is the scenario in our company

There is a Microsoft CA server which issues certificates to the AD users.

A user was terminated . We disabled his AD account. Does the VPN certificate locally stored on the user's computer be enough to connect to our Network, till the certificate expires.

do we need to revoke his certificate manually from CA server.
Ramanand_R_UniAsked:
Who is Participating?
 
x3manConnect With a Mentor Commented:
Won't the user still need to pass their credentials when connecting to the VPN? In which case the user will not be able to connect as you have disabled their account. The certificate will still be a valid certificate but as it also requires a valid user account then it won't allow access on it's own.
0
 
Ramanand_R_UniAuthor Commented:
The AD account is already disabled. The employee is terminated and we don't want him to access our network anymore. So as per your suggestion user should not be able to connect to VPN
0
 
Ramanand_R_UniAuthor Commented:
The way our VPN works is just with the certificate. user doesn't have any other credentials to enter while connect. Its just a one click connect with a a certificate authentication
0
 
x3manCommented:
Sounds like it would be a good idea to revoke the certificate.
0
All Courses

From novice to tech pro — start learning today.