Table 95
SSL Settings Menu Options (/cfg/vpn/server/ssl) (cont'd.)
Command Syntax and Usage
verify log none|accept|reject|both
verify none|optional
ciphers <cipher list>
Copyright © 2007 Nortel Networks
.
/cfg/vpn <id> /server/ssl SSL Settings Configuration 269
Specifies the protocol to use when establishing an SSL session with
a client. Valid options are:
•
ssl2: Only accept SSL 2.0.
•
ssl3: Accept SSL 3.0 and TLS 1.0.
•
ssl23: Accept SSL 2.0, SSL 3.0, and TLS 1.0.
•
tls1: Only accept TLS 1.0.
The default protocol value is ssl3.
Specifies the syslog detail for client certificate.
•
none
•
accept
•
reject
•
none
The default verify value is none.
Specifies the level of client authentication to use when establishing an
SSL session. Valid options are:
•
none: No client certificate is required.
•
optional: A client certificate is requested, but the client need not
present one.
The default verify value is none.
Lets you change the default cipher preference list, which corresponds
to ALL@STRENGTH.
For more information about cipher lists, see the "Cipher List Formats"
section in Appendix A, Supported Ciphers, in the User's Guide.
Nortel VPN Gateway
Command Reference
NN46120-103 01.01 Standard
10 September 2007