- The roadwarriors <b>carol</b> an <b>dave</b> set up a connection to gateway
- <b>moon</b>. At the outset the gateway authenticates itself to the client by
- sending an IKEv2 <b>RSA signature</b> accompanied by a certificate.
- <b>carol</b> and <b>dave</b> then use the <b>EAP-MD5</b> protocol to authenticate
- against the gateway <b>moon</b>. The user credentials of <b>carol</b>
- and <b>dave</b> are kept both on the local clients and the RADIUS server <b>alice</b>.
- <b>carol</b> possesses the RADIUS class attribute <b>Research</b> and therefore obtains
- access to the <b>research</b> subnet behind gateway <b>moon</b> whereas <b>dave</b>
- belongs to the class <b>Accounting</b> and has access to the <b>access</b> subnet.
|
