How can I perform certificate authentication and what is the difference between certificate-anonymous mode and certificate-challenge mode

Certificate authentication verifies the identities of SSL VPN users using a CA certificate in either of the following modes:
-Certificate-anonymous mode: The SSL VPN gateway extracts user information carried in the CA certificate to verify the identities of SSL VPN users.
-Certificate-challenge mode: The SSL VPN gateway verifies the identities of SSL VPN users by extracting user information carried in the CA certificate and meanwhile implementing local or server authentication.

SSL VPN supports only TLS 1.0, TLS 1.1, TLS 1.2, and SSL 3.0. To use the Internet Explorer to log in to a virtual gateway, ensure that the SSL protocol set in the Internet Explorer is supported by SSL VPN. Otherwise, an exception may occur. For example, if SSL2.0 is set in the Internet Explorer and certificate-anonymous authentication is used for login to the virtual gateway, the virtual gateway will display "Your certificate is invalid. Provide a valid certificate".

Scroll to top