Quote:
Originally Posted by Thorpuse  The auth challenge will come every time the IP address changes. You can't (and wouldn't want to!) stop this. |
Why wouldn't you want to stop this? You've authenticated yourself to the gateway, its not like someone can mitm attack the connection just because the IP has changed. If that were possible then it'd be just as easy [or easier] to mitm attack a connection that uses a static IP. We know the gateway can handle remote vpn peers with dynamic IPs--part of the attraction for Edge devices is that very reason. I don't see why you'd want to stop an authenticated SecureClient device merely because its IP is dynamic.
Having said that, AFAIK the use of certificates would be your only way around this problem.