Troubleshooting PKI ····················································································································································· 259
Failed to retrieve CRLs ········································································································································ 260
IPsec configuration ·················································································································································· 261
IPsec overview ······························································································································································ 261
IPsec implementation ··········································································································································· 261
Basic concepts ····················································································································································· 262
Protocols and standards ····································································································································· 264
Configuring an IPsec proposal ·························································································································· 264
Configuring an IPsec policy ······························································································································· 265
Displaying and maintaining IPsec ······························································································································ 267
SSH2.0 configuration ············································································································································· 272
SSH2.0 overview ························································································································································· 272
Introduction to SSH2.0 ······································································································································· 272
SSH operation ····················································································································································· 272
SSH connection across VPNs ····························································································································· 275
Configuring a client public key ·························································································································· 277
Configuring an SSH user ···································································································································· 278
Displaying and maintaining SSH ······························································································································· 282
SFTP configuration ·················································································································································· 296
SFTP overview ······························································································································································· 296
Configuration prerequisites ································································································································ 296
Enabling the SFTP server ···································································································································· 296
Working with SFTP directories ··························································································································· 298
Working with SFTP files ······································································································································ 298
Displaying help information ······························································································································· 299
vi