The VPN Client supports authentication with digital certificates through a smart card or electronic token. Several vendors provide smart cards and tokens. For an up-to-date list of those that the VPN Client currently supports, see "<paranum><paratext>". Smart card support is provided through Microsoft Cryptographic API (MS CAPI). Any CryptoService provider you use must support signing with CRYPT_NOHASHOID.
Note Smart cards generally have only the private key associated with a certificate, so even without having the smart card inserted, you can still create an individual certificate-authentication profile. You must insert the smart card, however, to complete the authentication process.
Once you or your network administrator has configured a connection entry that uses a Microsoft certificate provided by a smart card, you must insert the smart card into the receptor. When you start your connection, you are prompted to enter a password or PIN, depending on the vendor.
In this example, you would type your PIN code in the Enter PIN code field and click OK.
The next example shows how to log in to eToken from Aladdin. You select the token in the eToken Name column, type a password in the User Password field, and click OK.
Note If your smart card or token is not inserted, the authentication program displays an error message. If this occurs, insert your smart card or token and try again.
Copyright © 1998-2004, Cisco Systems, Inc. All rights reserved.