9.3.8. Identification Lists
gw-world:/MyIDList> cc
Finally, apply the Identification List to the IPsec tunnel:
gw-world:/> set Interface IPsecTunnel MyIPsecTunnel AuthMethod=Certificate
Web Interface
First create an Identification List:
1.
Go to Objects > VPN Objects > ID List > Add > ID List
2.
Enter a name for the identification list eg. MyIDList
3.
Click OK
Then, create an ID:
1.
Go to Objects > VPN Objects > ID List
2.
In the grid control, click on MyIDList
3.
Enter a name for the ID eg. JohnDoe
4.
Select Distinguished name in the Type control
5.
Now enter:
•
Common Name: John Doe
•
Organization Name:D-Link
•
Organizational Unit: Support
•
Country: Sweden
•
Email Address: john.doe@D-Link.com
6.
Click OK
Finally, apply the Identification List to the IPsec tunnel:
1.
Go to Interfaces > IPsec
2.
In the grid control, click on the IPsec tunnel object of interest
3.
Under the Authentication tab, choose X.509 Certificate
4.
Select the appropriate certificate in the Root Certificate(s) and Gateway Certificate controls.
5.
Select MyIDList in the Identification List.
6.
Click OK
IDList=MyIDList RootCertificates=AdminCert GatewayCertificate=AdminCert
252
Chapter 9. VPN