Enterasys Networks XSR-Series manual Certification control / certificates / Crls / CA identity

Page 35

9.1.1 Certification control / certificates / CRLS / CA identity

XSR-1805_1#show crypto ca certificates

Certificate - issued by Enterasys-Networks-CA

State:

ENTITY-ACTIVE

Version:

V3

 

 

Serial Number:

458876448087542442491910

Issuer:

MAILTO=support@enterasys.com,. . . , CN=LABOR-ETS-CA

Valid From:

2003

Jul

2nd, 10:21:11 GMT

Valid To:

2004

Jul

2nd, 10:31:11 GMT

Subject:

CN=Enterasys Networks X-pedition Series - 361902300157320D

Fingerprint:

30451AC4 F2626413 841522E3 2DDB98A4

Certificate Size:

1102

bytes

 

CA Certificate - Enterasys-Networks-CA

State:

CA-AUTHENTICATED

Version:

V3

 

 

Serial Number:

116081135157367679818971021752243067231

Issuer:

MAILTO=support@enterasys.com,. . .,CN=LABOR-ETS

Valid From:

2003

Feb 11th, 14:45:40 GMT

Valid To:

2013

Feb 11th, 14:52:38 GMT

Subject:

MAILTO=labor@enterasys.com, . . ., CN=LABOR-ETS

Fingerprint:

6AEBAF4C 51B85B4C 297F12F0 D3442FF6

Certificate Size:

770 bytes

 

RA KeyEncipher Certificate - Enterasys-Networks-CA-rae

State:

CA-AUTHENTICATED

Version:

V3

 

 

Serial Number:

459107753245879167877125

Issuer:

MAILTO=support@enterasys.com, . . ., CN=LABOR-ETS

Valid From:

2003

Jul

2nd, 10:21:11 GMT

Valid To:

2004

Jul

2nd, 10:31:11 GMT

Subject:

MAILTO=labor@enterasys.com, . . ., CN=LABOR-ETS

Fingerprint:

19952ABA 0F1C6EE1 E9FB4F70 76448739

Certificate Size:

1214

bytes

 

RA Signature Certificate - Enterasys-Networks-CA-ras

State:

CA-AUTHENTICATED

Version:

V3

 

 

Serial Number:

459107524969673055535108

Issuer:

MAILTO=support@enterasys.com, . . ., CN=LABOR-ETS

Valid From:

2003

Jul

2nd, 10:21:10 GMT

Valid To:

2004

Jul

2nd, 10:31:10 GMT

Subject:

MAILTO=labor@enterasys.com, , CN=LABOR-ETS

Fingerprint:

6255E200 726DED79 AA5462F2 69397A54

Certificate Size:

1214

bytes

 

XSR-1805_1#show crypto ca crls

 

CRL - issued by LABOR-ETS

 

 

State:

VALID

 

 

Version:

V2

 

 

Issuer:

MAILTO=support@enterasys.com, . . ., CN=LABOR-ETS

Valid From:

2003

Jul 29th, 14:46:16 GMT

Valid To:

2003

Aug

6th, 03:06:16 GMT

Issuing CDP:

http://labor-enterasys/CertEnroll/LABOR-ETS.crl

Crl Size:

378 bytes

 

XSR-1805_1#show crypto ca identity

CA Identity - Enterasys-Networks-CA

Enrollment Information:

URL:

http://192.168.224.22/certsrv/mscep/mscep.dll

Retry Period:

5 minutes

Retry Count:

3

Crl Frequency:

60 minutes

Configuration Guide

Page 35 of 55

Image 35
Contents Configuration Guide Table of Contents Appendix Helpful commands for using the XSR platformIP-Static-routing IP-Loopback Interface IP-Address and Secondary Addresses configurationIP-OSPF-routing IP-RIPv1,v2-routing Ip local pool 10th 10.10.10.0 Sntp Simple Network Time Protocol Duplex half System login bannerDuplex full Configuration Guide XSR-1805config#access-list 110 move 1 Access control list moving online editingHostname XSR-18051 Router-2-BackupVirtual Router Redundancy Protocol RFC Router-1-MasterVrrp 1 priority Vrrp 1 master-respond-ping no shutdown Vrrp monitor interface function, interface trackingIp address 10.10.10.1 255.255.255.0 no shutdown Access-list 10 permit 10.10.10.0NAT static bindings NAT dynamic with PAT Port Address TranslationDialer Interface Controller e1 0/2/0 clock source internal no shutdown Dialer Backup interface functionUsername remote privilege 0 password is not displayed PAP for authentication PPPInterface Dialer0 dialer pool Chap for authentication PPPUsername remote privilege 0 cleartext iamRemote Dialer-list 1 protocol ip list XSR-1805-1config#aaa user XSR-1805-1config-aaa#password XSRVPN via Dialer Interface rtr1 VPN via Dialer Interface rtr2 Dialer Int. PRI to BRI with D-channel-callbackcentral-site Ppp pap sent-username central password xsr ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote1-site Ppp pap sent-username remote1 password xsr1 ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote2-site Ppp pap sent-username remote2 password xsr2 ppp multilinkIsdn config for BRIx/x Isdn switch type changing Dialer-group Isdn callbackDialer caller 112233 callback dialer remote-name XSR-Remote Isdn multilink / Isnd channel bundling PPPoE on Adsl interface with chap authentication AAA Authentication Authorization Accounting Radius Logging Snmp Medium Ip ssh server disable Ip telnet server disableSSH / Telnet Syslog function, Server local-bufferSnmp v1/v2/v3 Snmp configuration /contact/location/parameterIp route 80.80.80.0 255.255.255.0 XSR-18051config#aaa user XSR-18051config-aaa#password XSR0r1 VPN Ipsec site-to-site tunnel via pre-shared key Router-1Ip route 10.10.10.0 255.255.255.0 XSR-18052config#aaa user XSR-18052config-aaa#password XSR0r2 VPN Ipsec site-to-site tunnel via pre-shared key Router-2VPN Ipsec site-to-site tunnel certification PKI Request certificate from CA y/n ? y XSR-18051config#crypto ca identity Enterasys-Networks-CAPassword Re-enter password XSR-18051config#crypto ca crl request Enterasys-Networks-CAENTITY-ACTIVE Certification control / certificates / Crls / CA identityPptp encrypt mppe auto VPN Pptp User terminationXSR-18051config#aaa user XSR-18051config-aaa#password XSR XSR-18052config#aaa user XSR-18052config-aaa#password XSR Version 6.0.0.0, Built Sep 14 2003 5r1 GRE native site-to-site tunnel5r2 GRE native site-to-site tunnel Diffserv Dscp field addressing Description internalloopbackPrivate ip address 13.13.13.1 Firewall configurationDescription InteralnetworkPrivate ip address 10.10.10.1 Ip address 30.30.30.1 Vlan configuration 802.1q tagged routingIp address 20.20.20.1 XSR-1805 uptime is 0 days, 2 hours, 23 minutes A1.2 ping & tracerouteVersion 2.02, Built Feb 24 2003 Version 4.0.0.0, Built Mar 26 2003Current operational speed is negotiated to 100 Mb/s Current operational duplex mode is negotiated to fullA1.4 telnet to other routers Physical link is currently upA1.6 verify the flash file checksum A1.5 flash/ cflash/ dir, rename, copy commandsB1.1 show ip arp B1.0 show ip routeC1.3 show crypto map C1.0 show tunnelsC1.1 show crypto isakmp sa C1.2 show crypto ipsec saC1.7 show ip route / GRE via Ipsec C1.4 show tunnels / GRE via IpsecC1.5 show interface vpn / GRE via Ipsec C1.6 show crypto ipsec sa / GRE via IpsecMTU is 1492 bytes D1.1 show ip interface atm 1/0.1D1.2 show controllers atm 1/0 VPI/VCI 1/32 D1.3 show controllers atm 1/0.1IfLastChange 001609 ATM 1/0 is Admin Up / Oper UpAdministrative State is Enabled Operational State is UP D1.4 show interface atm 1/0PPPoE is Oper Up ATM 1/0.1 is Admin Up / Oper UpD1.5 show interface atm 1/0.1 State OpenedCurrent State ATM 1/0.1 PPP is Admin Up / Oper UpChap authentication success with D1.6 show ppp interface atm 1/0.1Getting Help