autoLearn configuration example ························································································································ 95
Troubleshooting port security ······································································································································ 102
Configuring password control ································································································································ 104
Overview ······································································································································································· 104
Password setting ·················································································································································· 104
User login control ················································································································································ 106
Logging ································································································································································· 107
FIPS compliance ··························································································································································· 107
Enabling password control ········································································································································· 107
Network requirements ········································································································································· 111
Configuration procedure ···································································································································· 112
Verifying the configuration ································································································································· 113
Managing public keys ············································································································································ 115
Overview ······································································································································································· 115
FIPS compliance ··························································································································································· 115
Creating a local key pair ············································································································································ 116
Configuration guidelines ···································································································································· 116
Configuration procedure ···································································································································· 116
Displaying a host public key ······························································································································ 118
Destroying a local key pair ········································································································································· 118
Configuring a peer public key ···································································································································· 119
Entering a peer public key ································································································································· 119
Configuring PKI ······················································································································································· 125
Overview ······································································································································································· 125
PKI terminology ···················································································································································· 125
PKI architecture ···················································································································································· 126
PKI operation ······················································································································································· 127
PKI applications ··················································································································································· 127
PKI across VPNs ·················································································································································· 127
iii