This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
ejava-token-vpn-logon [2017/05/15 07:59] JavaCardOS |
ejava-token-vpn-logon [2017/05/15 08:20] (current) JavaCardOS [Discussion] |
||
|---|---|---|---|
| Line 34: | Line 34: | ||
| * In the "Properties" window, click "Security" tab, click "Authentication Methods…", the dialogbox "Authentication Methods" will pop up, as the following shows:\\ | * In the "Properties" window, click "Security" tab, click "Authentication Methods…", the dialogbox "Authentication Methods" will pop up, as the following shows:\\ | ||
| - | |||
| {{ Editor/2016-09-09/57d27092a697e.png }}\\ | {{ Editor/2016-09-09/57d27092a697e.png }}\\ | ||
| - | |||
| - | |||
| * Select"Extensible authentication protocol (EAP)". Extensible Authentication Protocol is the improvements method of traditional user name and password authentication. Smart card user authentication belongs to Extensible Authentication Protocol. | * Select"Extensible authentication protocol (EAP)". Extensible Authentication Protocol is the improvements method of traditional user name and password authentication. Smart card user authentication belongs to Extensible Authentication Protocol. | ||
| \\ | \\ | ||
| - | |||
| * Click "OK", and close "Authentication Methods" dialogbox. | * Click "OK", and close "Authentication Methods" dialogbox. | ||
| \\ | \\ | ||
| - | |||
| * Click "OK", close "Routing and Remote Access Properties" dialogbox. | * Click "OK", close "Routing and Remote Access Properties" dialogbox. | ||
| * New user: Select "Roles->Active Directory Domain Services-> Active Directory Users and Computers->server.javacardos.com->Users", right–click this item and select "New->User" from the menu, as figure 010 shows. Then set new user’s username and password, as shown in figure. | * New user: Select "Roles->Active Directory Domain Services-> Active Directory Users and Computers->server.javacardos.com->Users", right–click this item and select "New->User" from the menu, as figure 010 shows. Then set new user’s username and password, as shown in figure. | ||
| \\ | \\ | ||
| - | |||
| {{ Editor/2016-09-09/57d27479b8ad8.png }}\\ | {{ Editor/2016-09-09/57d27479b8ad8.png }}\\ | ||
| - | |||
| * Right-click the new user, select "Properties", select "Dial-in" page. In "Network Access Permission" item select "Allow access" and then click OK, as shown below. | * Right-click the new user, select "Properties", select "Dial-in" page. In "Network Access Permission" item select "Allow access" and then click OK, as shown below. | ||
| \\ | \\ | ||
| - | |||
| {{ Editor/2016-09-09/57d272b0de853.png }}\\ | {{ Editor/2016-09-09/57d272b0de853.png }}\\ | ||
| - | |||
| Note: After these operations, users can apply for certificate that is used for authentication.Keep in mind that you must use the user you just set to apply for certificate. | Note: After these operations, users can apply for certificate that is used for authentication.Keep in mind that you must use the user you just set to apply for certificate. | ||
| Line 71: | Line 62: | ||
| * Insert eJavaToken into computer (Make sure that PKI applet has been already in eJavaToken). | * Insert eJavaToken into computer (Make sure that PKI applet has been already in eJavaToken). | ||
| - | |||
| - | |||
| * Open Internet Explorer, enter the url set in previous step, which is used to issue smart card certificate (e.g. 192.168.50.96/certsrv/certrqma.asp), press Enter. | * Open Internet Explorer, enter the url set in previous step, which is used to issue smart card certificate (e.g. 192.168.50.96/certsrv/certrqma.asp), press Enter. | ||
| - | |||
| - | |||
| * On Advanced Certificate Request page, select "Smartcard User" for Certificate Template option,select "EnterSafe ePass2003 CSP v1.0" for CSP option, then click Submit. | * On Advanced Certificate Request page, select "Smartcard User" for Certificate Template option,select "EnterSafe ePass2003 CSP v1.0" for CSP option, then click Submit. | ||
| - | |||
| - | |||
| * Follow the prompts, select "Install this certificate" and click "Ok" until the certificate is installed successfully. | * Follow the prompts, select "Install this certificate" and click "Ok" until the certificate is installed successfully. | ||
| - | |||
| - | |||
| * If "This CA is not trusted" appears, please follow the prompts to add this CA into trust list. | * If "This CA is not trusted" appears, please follow the prompts to add this CA into trust list. | ||
| Line 97: | Line 80: | ||
| ====VPN client configuration==== | ====VPN client configuration==== | ||
| Client configuration is completed on client computer. Take Win7 as an example. | Client configuration is completed on client computer. Take Win7 as an example. | ||
| - | |||
| * Firstly, make sure that eJava Token with certificate inside has been already inserted into computer. | * Firstly, make sure that eJava Token with certificate inside has been already inserted into computer. | ||
| \\ | \\ | ||
| - | |||
| Line 109: | Line 90: | ||
| {{ Editor/2016-09-09/57d2713a26a86.png }}\\ | {{ Editor/2016-09-09/57d2713a26a86.png }}\\ | ||
| - | |||
| - | |||
| - | |||
| Line 118: | Line 96: | ||
| {{ Editor/2016-09-09/57d2715c414d7.png }}\\ | {{ Editor/2016-09-09/57d2715c414d7.png }}\\ | ||
| - | |||
| Line 129: | Line 106: | ||
| {{ Editor/2016-09-09/57d27173acbbe.png }}\\ | {{ Editor/2016-09-09/57d27173acbbe.png }}\\ | ||
| - | |||
| Line 141: | Line 117: | ||
| {{ Editor/2016-09-09/57d2718a739b7.png }}\\ | {{ Editor/2016-09-09/57d2718a739b7.png }}\\ | ||
| - | |||
| - | ====Discussion==== | ||
| - | |||
| - | Go to [[https://javacardos.com/javacardforum/viewforum.php?f=43|JavaCardOS Forum]] | ||
