For a site-to-site VPN tunnel that does not use certificates, the common method for authentication is to use a pre-shared secret. This is a shared password between the two sites that must be known by both parties for the VPN tunnel to be established. Unique passwords, SecureID, and RSA tokens are not typically used in this context.