Access user authentication refers to the authentication for various VPN access users.
Authentication on remote access users is triggered as follows:
Remote access using SSL VPN
Remote access users log in to the authentication web pages of the SSL VPN module to trigger authentication. After being authenticated, the users can use the network extension service to access intranet resources at the headquarters.
Remote access using L2TP VPN
In automatic LAC dial-up, a LAC at the branch office dials up to an LNS to trigger authentication and establish an L2TP tunnel with the LNS. Remote access users can trigger either user-initiated or redirected authentication before they use L2TP VPN to access network resources.
In NAS-initiated or client-initiated mode, remote access users dial up to an LNS to trigger authentication and establish L2TP tunnels. The users can access intranet resources at the headquarters directly or trigger either user-initiated or redirected authentication to enhance security.
Remote access using IPSec VPN
After an IPSec VPN tunnel is established between a branch office and the headquarters, remote access users at the branch office can trigger either user-initiated or redirected authentication. After being authenticated, the users can access intranet resources at the headquarters using IPSec VPN.
After being authenticated in the VPN access phase, if users are authenticated in resource access phase, the authentication process in resource access phase is the same as that for Internet access users. The IP addresses of the users are private IP address after VPN decapsulation.