Nortel 3050 Command Reference Manual page 227
Vpn gateway
Hide thumbs
Also See for 3050:
- Troubleshooting manual (70 pages) ,
- Installation manual (22 pages) ,
- Implementation manual (15 pages)
Table of Contents
Advertisement
/cfg/vpn <id> /aaa/auth <id> /adv Advanced Settings Configuration 227
Table 77
Advanced Settings Menu Options (/cfg/vpn/aaa/auth/adv) (cont'd.)
Command Syntax and Usage
revcertdn true|false
Copyright © 2007 Nortel Networks
.
This command is only available if the current authentication method is
set to cert.
Lets you reference an authentication ID representing a ClearTrust
authentication scheme. By binding a Client certificate authentication
ID to a ClearTrust authentication ID, the user can authenticate to the
ClearTrust server using a client certificate. The client certificate's
subject DN string is matched against the corresponding string specified
in the user record of the RSA ClearTrust authorization server.
The string extracted from the user's client certificate is exemplified
below:
c=US,st=Colorado,l=Denver,o=Company,ou=Accounting,cn
=John
This string should be specified as the client certificate DN for the user
record in the ClearTrust authorization server.
Lets you reverse the order of the DN string components for
compatibility with the ClearTrust Web Agent configuration parameter
cleartrust.agent.reverse_certificate_dn. If the latter
setting is "True", the revcertdn command must also be set to true.
•
true: Reverses the certificate DN string before sending it to the
ClearTrust authorization server for validation. Using the string in the
preceding example (see the validatedn command) the string sent
would be:
cn=John,ou=Accounting,o=Company,l=Denver,st=Color
ado,c=US
•
false: The string is not reversed, i.e. it will look like in the example
in above (see the validatedn command).
The default value is false.
Nortel VPN Gateway
Command Reference
NN46120-103 01.01 Standard
10 September 2007
- Quick Links:
- Menu Basics
Hide quick links:
Advertisement
Table of Contents
