Table of Contents
Advertisement
Authentication with certificates
There are three different types of authentication with certificates:
1. Each subscriber needs the same root CA and a personal certificate signed by the root CA.
2. Like 1, but with additional username/password verification.
3. Like 2, but without a personal certificate. In other words, the stations only need a root CA and
username/password.
Authentication with CA certificate and own certificate
20.3.4.3.1
Tab
CA Certificate
Own Certificate
Additional user and password
verification
X.509
authentication
User
Use only CA and User/password
for client verification
Peer must be TLS Server
Label
This is the root certificate (root CA). All other cer-
tificates must come from this certificate.
You use this certificate to authenticate yourself to
your VPN peer.
Additional user data may be required from a cli-
ent dialing in. Please note that this user data
must be entered in the VPN server under System
User.
Enter the user data of the VPN server (from the
System User menu) here.
With this option, you authenticate yourself using
the CA certificate and the user data of the VPN
server (from the System User menu) only.
This is an additional security option. The "server
certificate" must include the extension nsCert-
Type=server (see section
cates).
Description
Creating certifi-
Page 189 of 237
Version: 5.1.6 – June 4
th
, 2018
Advertisement
Table of Contents
