HP 7102dl - ProCurve Secure Router Configuration Manual page 554
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Virtual Private Networks
Configuring a VPN Using IPSec
Select digital signature
type (configured in the
IKE policy).
y for
Press
manual
For manual
requests, copy
and paste to
submit to your CA
server.
10-60
The OS will then initiate a dialog with you. (See Figure 10-10.) The OS will ask
you to enter any information that you have not already configured from the
CA profile configuration mode context.
ProCurve(config)# crypto ca enroll MyCA
**** Press CTRL+C to exit enrollment request dialog. ****
* Enter signature algorithm (RSA or DSS) [rsa]:
* Enter the modulus length to use [512]:1024
* Enter the subject name as an X.500 (LDAP)
DN:Router,C=US,L=Roseville,S=CA
--The subject name in the certificate will be
CN=CN=Router,C=US,L=Roseville,S=CA.
* Include IP address in subject alternate name [n]:y
* Enter IP address or name of interface to use:10.10.10.1
* Include fully qualified domain name [n]:
* Include an email address [n]:
Generating request (including keys)....
.............Done
* Display certificate request to terminal? [y]
-----BEGIN CERTIFICATE REQUEST-----
MIIBojCCAQsCAQAwQDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkFMMRMwEQYDVQQH
EwpIdW50c3ZpbGxlMQ8wDQYDVQQDEwZSb3V0ZXIwgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBALCZJHE4Bx1+ZzJQUFEQwfGcI2vE9RR68KqRmwGr+hZyMi49Eg85
UIBCUvCe15u/P4JYS9d//jT37+uh+jZxNvSUiPa99XatHcIcVLWQHzrn9+vWYReu
7418ZEbx/ETPKa6XqSpFqJ5ZG38VUaN05r2gwW+aZtsfxOyMUupstSypAgMBAAGg
IjAgBgkqhkiG9w0BCQ4xEzARMA8GA1UdEQQIMAaHBAoKCgEwDQYJKoZIhvcNAQEF
BQADgYEAidRLWBpm5pNnC38VylSXqvTrEAZtWNRSTxBEMnObbg+buHPIQet1bOpu
QF1wmBJUehLkVYlnmO4Di6IFcJbnF0AD/Jcoiw5jgRZdbcWSpIOg5uqXFpdltbg4
pIY+ZWviGolKZHo0EJuuzywFUf74QPScVf6Ci6eI16l9cYntP14=
-----END CERTIFICATE REQUEST-----
* Redisplay certificate request to terminal? [n]
Figure 10-10.Requesting a Self Certificate
When you submit the request to the CA, the CA will add this information to
the router's self certificate. When your VPN peer or peers define your router
as one of the remote peers allowed to connect to their VPN, they must match
the value entered for one of these fields.
If you are obtaining certificates manually, answer yes (
you want to display the certificate request to the terminal. Copy the request
and submit it to your CA server.
If you are obtaining certificates automatically, the OS will submit the request
for you. It will also automatically load the self certificate and a CRL into the
CA profile. You will then have completed obtaining your certificates.
Enter ASN
distinguished
name
If so desired,
enter the VPN
interface or an IP
address
n
Press
) when the CLI asks if
y
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
