Table of Contents
Advertisement
Select the certificate type click New. You may add a CA Certificate (Certificate
Authority), CRL Certificate (Certificate Revocation List) or Local Certificate.
Click Browse to locate the certificate file or files.
If you are adding a Local Certificate, enter the Public Key certificate in Local Certificate
the Local Private Key certificate in Private Key Certificate, and the passphrase to unlock
the private key certificate in Private Key Certificate Passphrase. The certificate must
be in PEM or DER format.
Certificates have time durations in which they are valid. Ensure that the certificates
uploaded are valid and that the Date and Time settings have been set correctly on the
CyberGuard SG appliance.
IPSec Troubleshooting
Symptom: IPSec is not running and is enabled.
Possible Cause: The CyberGuard SG appliance has not been assigned a default
gateway.
Solution: Ensure the CyberGuard SG appliance has a default gateway by
configuring the Internet connection on the Connect to Internet page or assigning a
default gateway on the IP Configuration page.
Symptom: Tunnel is always down even though IPSec is running and the tunnel is
enabled.
Possible Cause: The tunnel is using Manual Keying and the encryption and/or
authentication keys are incorrect.
The tunnel is using Manual Keying and the CyberGuard SG appliance's and/or
remote party's keys do not correspond to the Cipher and Hash specified.
Solution: Configure a correct set of encryption and/or authentication keys. Select
the appropriate Cipher and Hash that the key have been generated from, or change
the keys used to use the selected Cipher and Hash.
Virtual Private Networking
222
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the SG300 and is the answer not in the manual?
Questions and answers