Cisco Systems OL-5490-01 User Manual

VPN Client User Guide for Mac OS X
OL-5490-01
Chapter 1: Understanding the VPN Client
VPN Client Features
Authentication Features
The VPN Client supports the authentication features listed in Table 1-3.
IPSec Features
The VPN Client supports the IPSec features listed in Table 1-4.
Table 1-2 Program Features (continued)

| Program Feature | Description |
|---|---|
| Connect on open | This feature lets a user connect to the default user profile when starting the VPN Client. You can enable this feature on the Preferences menu under the VPN Client tab. |
| VPN Client API | VPN Client provides an application programming interface for performing VPN Client tasks without using the command-line or graphical interfaces that Cisco provides. This API comes with a user guide for programmers, which is in a format that can be edited. |

Table 1-3 Authentication Features

| Authentication Feature | Description |
|---|---|
| User authentication through VPN central-site device | Internal through the VPN device's database; RADIUS (Remote Authentication Dial-In User Service); NT Domain (Windows NT); RSA (formerly SDI) SecurID or SoftID |
| Certificate Management | Allows you to manage the certificates in the certificate stores. |
| Certificate Authorities (CAs) | CAs that support PKI SCEP enrollment. |
| Peer Certificate Distinguished Name Verification | Prevents the VPN Client from connecting to an invalid gateway that is using a stolen but valid certificate and a hijacked IP address. If the attempt to verify the domain name of the peer certificate fails, the VPN Client connection also fails. |

Table 1-4 IPSec Features

| IPSec Feature | Description |
|---|---|
| Tunnel Protocol | IPSec |
| Transparent tunneling | IPSec over UDP for NAT and PAT; IPSec over TCP for NAT and PAT |
| Key Management protocol | Internet Key Exchange (IKE) |
| IKE Keepalives | A tool for monitoring the continued presence of a peer and reporting the VPN Client's continued presence to the peer. This lets the VPN Client notify you when the peer is no longer present. Another type of keepalive keeps NAT ports alive. |