Configuring VPN
Managing Certificates
STEP 4
STEP 5
Managing Certificates
STEP 1
STEP 2
STEP 3
Cisco CVR100W Wireless-N VPN Router Administration Guide
Integrity Algorithm
PFS Key Group
Select IKE Policy
Click Save. Then click Back to return to the Advanced VPN Setup page.
Click IPSec Connection Status to see the status of all site-to-site VPN policies on
the CVR100W.
The CVR100W uses digital certificates for IPsec VPN authentication and SSL
validation (for HTTPS). You can generate and sign your own certificates using
functionality available on the CVR100W.
Generating a New Certificate
You can generate a new certificate to replace the existing certificate on the
CVR100W.
To generate a certificate:
Choose VPN > Certificate Management.
Click the Generate a New Certificate radio button.
Click Generate Certificate.
Select the algorithm used to verify the integrity of the
data.
Check Enable to enable Perfect Forward Secrecy
(PFS) to improve security. While slower, this protocol
helps to prevent intruders by ensuring that a Diffie-
Hellman exchange is performed for every phase-2
negotiation.
Choose the IKE policy that will define the
characteristics of phase 1 of the negotiation. Click
View to view or edit the existing IKE policy that is
configured on the CVR100W.
6
111