VPN Credential Provider

The Shrew Soft VPN Credentials Provider extends the Windows Login dialog to allow a user to establish an IPsec VPN client connection before logging into the host operating system. This allows the host to communicate with an Active Directory domain controller while processing the user login instead of relying on locally cached user credentials.

Enabling a Secure AD/Domain Login

Before the Secure AD/Domain login feature can be used, a site configuration must first be created to connect to the gateway that provides connectivity to the domain controller. It is strongly recommended that connectivity be tested between a client and the domain controller before attempting a Secure AD/Domain login.

Public Site Configurations

Only public site configurations can be used for Secure AD/Domain logins. After configuring and testing your site configuration, you should then make the site configuration public using the VPN Access Manager.

see also:

VPN Access Manager : Main Window

Performing a Secure AD/Domain Login

During the Windows login process, the user is presented with a button that allows the user to switch users. By clicking this option, the user will be presented with alternate user login options.

After selecting the switch user option, the Shrew Soft VPN Client tile will be available for selection. After selecting this tile, the user will be presented with the Shrew Soft VPN Client VPN Connection screen.

The Shrew Soft VPN Client VPN Connection screen will allow the user to enter both the VPN related user credentials and the AD/Domain related user credentials. After clicking the right arrow button, the Shrew Soft VPN Client will first make a connection to the VPN gateway and then pass control back to the operating system to process the user login. In the event that an error occurs while connecting with the VPN gateway, they will be reported to the user during the normal login process.