This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
ejava-token-vpn-logon [2017/05/15 07:56] JavaCardOS |
ejava-token-vpn-logon [2017/05/15 08:20] (current) JavaCardOS [Discussion] |
||
|---|---|---|---|
| Line 30: | Line 30: | ||
| - | * Right-click tree structure on the left of "Routing and Remote Access" console, select "Properties" from the pop-up menu. | + | * Right-click tree structure on the left of "Routing and Remote Access" console, select "Properties" from the pop-up menu. |
| - | * In the "Properties" window, click "Security" tab, click "Authentication Methods…", the dialogbox "Authentication Methods" will pop up, as the following shows:\\ | + | * In the "Properties" window, click "Security" tab, click "Authentication Methods…", the dialogbox "Authentication Methods" will pop up, as the following shows:\\ |
| - | + | ||
| - | + | ||
| - | {{Editor/2016-09-09/57d27092a697e.png }}\\ | + | |
| + | {{ Editor/2016-09-09/57d27092a697e.png }}\\ | ||
| * Select"Extensible authentication protocol (EAP)". Extensible Authentication Protocol is the improvements method of traditional user name and password authentication. Smart card user authentication belongs to Extensible Authentication Protocol. | * Select"Extensible authentication protocol (EAP)". Extensible Authentication Protocol is the improvements method of traditional user name and password authentication. Smart card user authentication belongs to Extensible Authentication Protocol. | ||
| - | \\ | + | \\ |
| * Click "OK", and close "Authentication Methods" dialogbox. | * Click "OK", and close "Authentication Methods" dialogbox. | ||
| - | \\ | + | \\ |
| - | + | ||
| * Click "OK", close "Routing and Remote Access Properties" dialogbox. | * Click "OK", close "Routing and Remote Access Properties" dialogbox. | ||
| Line 50: | Line 46: | ||
| \\ | \\ | ||
| - | + | {{ Editor/2016-09-09/57d27479b8ad8.png }}\\ | |
| - | {{Editor/2016-09-09/57d27479b8ad8.png }}\\ | + | |
| * Right-click the new user, select "Properties", select "Dial-in" page. In "Network Access Permission" item select "Allow access" and then click OK, as shown below. | * Right-click the new user, select "Properties", select "Dial-in" page. In "Network Access Permission" item select "Allow access" and then click OK, as shown below. | ||
| \\ | \\ | ||
| - | + | {{ Editor/2016-09-09/57d272b0de853.png }}\\ | |
| - | {{Editor/2016-09-09/57d272b0de853.png }}\\ | + | |
| Note: After these operations, users can apply for certificate that is used for authentication.Keep in mind that you must use the user you just set to apply for certificate. | Note: After these operations, users can apply for certificate that is used for authentication.Keep in mind that you must use the user you just set to apply for certificate. | ||
| Line 70: | Line 62: | ||
| * Insert eJavaToken into computer (Make sure that PKI applet has been already in eJavaToken). | * Insert eJavaToken into computer (Make sure that PKI applet has been already in eJavaToken). | ||
| - | |||
| - | |||
| * Open Internet Explorer, enter the url set in previous step, which is used to issue smart card certificate (e.g. 192.168.50.96/certsrv/certrqma.asp), press Enter. | * Open Internet Explorer, enter the url set in previous step, which is used to issue smart card certificate (e.g. 192.168.50.96/certsrv/certrqma.asp), press Enter. | ||
| - | |||
| - | |||
| * On Advanced Certificate Request page, select "Smartcard User" for Certificate Template option,select "EnterSafe ePass2003 CSP v1.0" for CSP option, then click Submit. | * On Advanced Certificate Request page, select "Smartcard User" for Certificate Template option,select "EnterSafe ePass2003 CSP v1.0" for CSP option, then click Submit. | ||
| - | |||
| - | |||
| * Follow the prompts, select "Install this certificate" and click "Ok" until the certificate is installed successfully. | * Follow the prompts, select "Install this certificate" and click "Ok" until the certificate is installed successfully. | ||
| - | |||
| - | |||
| * If "This CA is not trusted" appears, please follow the prompts to add this CA into trust list. | * If "This CA is not trusted" appears, please follow the prompts to add this CA into trust list. | ||
| Line 96: | Line 80: | ||
| ====VPN client configuration==== | ====VPN client configuration==== | ||
| Client configuration is completed on client computer. Take Win7 as an example. | Client configuration is completed on client computer. Take Win7 as an example. | ||
| - | |||
| * Firstly, make sure that eJava Token with certificate inside has been already inserted into computer. | * Firstly, make sure that eJava Token with certificate inside has been already inserted into computer. | ||
| \\ | \\ | ||
| - | |||
| Line 107: | Line 89: | ||
| - | {{Editor/2016-09-09/57d2713a26a86.png }}\\ | + | {{ Editor/2016-09-09/57d2713a26a86.png }}\\ |
| - | + | ||
| - | + | ||
| Line 116: | Line 95: | ||
| - | {{Editor/2016-09-09/57d2715c414d7.png }}\\ | + | {{ Editor/2016-09-09/57d2715c414d7.png }}\\ |
| Line 127: | Line 105: | ||
| - | {{Editor/2016-09-09/57d27173acbbe.png }}\\ | + | {{ Editor/2016-09-09/57d27173acbbe.png }}\\ |
| Line 138: | Line 115: | ||
| - | {{Editor/2016-09-09/57d2718a739b7.png }}\\ | + | {{ Editor/2016-09-09/57d2718a739b7.png }}\\ |
| - | + | ||
| - | + | ||
| - | ====Discussion==== | + | |
| - | Go to [[https://javacardos.com/javacardforum/viewforum.php?f=43|JavaCardOS Forum]] | ||
