Enabling Vpn Access For Specific Certificate Holders - Fortinet FortiWiFi FortiWiFi-60 Administration Manual
Antivirus firewalls
Hide thumbs
Also See for FortiWiFi FortiWiFi-60:
- Installation and configuration manual (76 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
Certificates
Enabling VPN access for specific certificate holders
278
3
Select Import.
4
Browse to the location on the local PC where the certificate has been saved and
select the certificate.
5
Select OK.
Note: Consider backing up the certificate. The file is saved in as a password protected PKCS12
(Public Key Cryptography Standard 12) file. You can use the backup if you need to restore the
original. For more information, see
Figure 142:Importing a CA certificate
To install a CA's root certificate
1
After you download the root certificate of the CA, save the certificate on a PC that has
local access to the FortiWiFi unit.
2
On the FortiWiFi unit, go to VPN > Certificates > CA Certificates.
3
Select Import.
4
Browse to the location on the local PC where the certificate has been saved and
select the certificate.
5
Select OK.
The system assigns a unique name to each CA certificate. The names are numbered
consecutively (CA_Cert_1, CA_Cert_2, CA_Cert_3, and so on).
When a VPN peer is configured to authenticate using digital certificates, it sends the
Distinguished Name (DN) on its certificate to the remote peer. This DN can be used to
deny VPN access. For example, a FortiWiFi unit can be configured to deny
connections to all remote peers except the one having the specified DN.
If the FortiWiFi unit participates in a gateway-to-gateway configuration and you want
both peers to accept reciprocal connections, you must specify the DN of the FortiWiFi
unit when you define the phase 1 parameters.
"Backing up and Restoring" on page
01-28006-0014-20041105
VPN
122.
Fortinet Inc.
Advertisement
Table of Contents
