McAfee SG310 Administration Manual page 264

Utm firewall

VPN menu features
IPSec VPN
12. [Conditional; only if x.509 Certificates was selected for Authentication] Enter the Remote Distinguished Name, which is the list of attribute/value pairs contained in the certificate of the remote peer. Table 19 provides a list of supported attributes.

Table 19 Supported attributes

Attribute   Description
C           Country
ST          State or province
L           Locality or town
O           Organization
OU          Organizational Unit
CN          Common Name
N           Name
G           Given Name
S           Surname
I           Initials
T           Personal title
E           Email
E-mail      Email
SN          Serial number
D           Description
TCGID       [Siemens] Trusted Center Global ID

The attribute/value pairs must be of the form attribute=value and be separated by commas. For example: C=US, ST=Illinois, L=Chicago, O=McAfee, OU=Sales, CN=SG580. The value you enter must exactly match the Distinguished Name of the remote party's local certificate for the tunnel to authenticate successfully.

When making a certificate-based tunnel between UTM Firewall appliances, you can obtain the Distinguished Name of a remote device's certificate from the Details column of the appropriate local certificate on the Certificate Lists tab of the IPSec page.

Tip: Copy and paste all but the Valid from information from the Certificate Lists page before you configure the tunnel.

For more information on using certificates with VPN, see Certificate management.

13. [Conditional, if x.509 Certificates was selected for Authentication] Select the required local certificate to use to negotiate the tunnel from the Local Certificate list. This is the list of local certificates that have been uploaded for x.509 authentication. Select the required certificate to be used to negotiate the tunnel.

14. [Optional] Select the Require XAUTH authentication checkbox to force clients to authenticate with XAUTH in order to negotiate the tunnel. Users must also have the IPsec ACL enabled.

Note: This option is not supported when offloading a tunnel to a second UTM Firewall device.

15. Click Finish. The tunnel is added to the Tunnel List pane, and the Status column indicates the current status of the tunnel.

Refreshing status of IPSec VPN tunnels

Use this procedure to refresh the status of your IPSec VPN tunnels.

1. From the VPN menu, click IPSec. The IPSec VPN Setup page appears.
2. In the Tunnel List pane, click Refresh. The Status column displays the refreshed status of your tunnels.

To view details about the status, click the linked status text. For more information, see IPSec status details overview.

McAfee UTM Firewall 4.0.4 Administration Guide
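
A pre-flight check for the Remote Distinguished Name entered in step 12, as an added example that is not part of the McAfee guide: it parses both strings as comma-separated attribute=value pairs, rejects attribute names outside Table 19, and lists where the typed value differs from the peer certificate. The function names, the handling of backslash-escaped commas, and the treatment of pair order and letter case as significant are assumptions of this example; the guide itself only says the name must match exactly.

```python
import re

# Attribute names as listed in Table 19 of this page.
SUPPORTED = {"C", "ST", "L", "O", "OU", "CN", "N", "G", "S", "I", "T",
             "E", "E-mail", "SN", "D", "TCGID"}

def parse_dn(dn):
    """Split 'attr=value, attr=value' into an ordered list of (attr, value)."""
    pairs = []
    # Assumption: a comma inside a value is escaped with a backslash.
    for part in re.split(r"(?<!\\),", dn):
        part = part.strip()
        if not part:
            continue
        attr, sep, value = part.partition("=")
        attr, value = attr.strip(), value.strip()
        if not sep or not value:
            raise ValueError(f"not of the form attribute=value: {part!r}")
        if attr not in SUPPORTED:
            raise ValueError(f"attribute not in Table 19: {attr!r}")
        pairs.append((attr, value))
    if not pairs:
        raise ValueError("empty Distinguished Name")
    return pairs

def dn_mismatches(configured, certificate):
    """Return readable differences; an empty list means the two DNs match."""
    a, b = parse_dn(configured), parse_dn(certificate)
    problems = []
    if len(a) != len(b):
        problems.append(f"pair count differs: {len(a)} vs {len(b)}")
    # Assumption: order and letter case are significant ("must match exactly").
    for i, (x, y) in enumerate(zip(a, b), start=1):
        if x[0] != y[0]:
            problems.append(f"pair {i}: attribute {x[0]} vs {y[0]}")
        elif x[1] != y[1]:
            problems.append(f"pair {i}: {x[0]} value {x[1]!r} vs {y[1]!r}")
    return problems

# Constructed sample: the DN from the page's example and a mistyped copy of it.
CERT_DN = "C=US, ST=Illinois, L=Chicago, O=McAfee, OU=Sales, CN=SG580"
TYPED_DN = "C=US, ST=Illinois, L=Chicago, O=Mcafee, OU=Sales, CN=SG580"

if __name__ == "__main__":
    for line in dn_mismatches(TYPED_DN, CERT_DN) or ["match"]:
        print(line)
```
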


This manual is also suitable for:

Sg560, Sg560u, Sg565, Sg580
