We're testing the option IPSEC with 2-way authentication for tablets (Apple/Android)
The 2-way authentication is based on Soft/Hard tokens (Fortitoken)
We've Tested the IPSEC For Apple IPAD/Iphone devices, we cannot use the Forticlient app on these devices so we have to stick with the build-in IPSEC client(Cisco) so far as we know of.
Site note info:
1)Firmware using 5.2.4 or whatever is possible to have it worked (shouldn't be the issue i guess)
2)The Dail up user VPN's are setup with Xauth
3)Users are authenticated first through LDAP
4)Each user that been authenticated has the 2-way authentication enabled.
5) IPad IOS 8.4 (if that is an issue?)
6) Also we use Device MAC's for granting them further access
Are their other IPSEC vendors that let the 2-way authentication go through (debugging shows that its requesting the token, no issue their but these build-in clients cannot coop with it i think?)
Anyone ever tried to setup IPSEC with 2-way authentication without the Forticlient?
Or should we just drop the token thing and go for Certificates?(Users save their username/password and also with the Certificate on their .... if the device got stolen thieves are 1 or 2 swipes away from entering your environment!!)
Very much appreciated in reading my request/questions of the issue.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.