Table of Contents
Advertisement
Note
Only one shared secret tunnel may be added. The one shared secret is used by
all remote clients to authenticate.
Select x.509 Certificate Tunnel to use x.509 certificates to authenticate the
remote client against a Certificate Authority's (CA) certificate. The CA certificate
must have signed the local certificates that are used for tunnel authentication.
Certificates need to be uploaded to the SnapGear unit before a tunnel can be
configured to use them (see Certificate Management in the IPSec section later in
this chapter). This authentication method is more difficult to configure, but very
secure.
Creating and adding x.509 certificates is detailed in Certificate Management in the
IPSec section later in this chapter.
Note
Multiple x.509 certificate tunnels may be added. A separate x.509 certificate
tunnel is required for each remote client to authenticate.
Click New.
Enter a Tunnel Name to identify this connection. It may not be the same as any other
L2TP/IPSec or regular IPSec tunnel names.
If adding a Shared Secret Tunnel, enter the Shared Secret. Ensure it is something
hard to guess. Keep note of the shared secret, as it is used in configuring the remote
client.
Virtual Private Networking
205
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the SG300 and is the answer not in the manual?
Questions and answers