B-57
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
AppendixB Site-to-Site VPN User Interface Reference Site to Site VPN Policies
Public Key Infrastructure PageUse the Public Key Infrastructure page to select the CA server that will be used
to create a Public Key Infrastructure (PKI) policy, for generating enrollment
requests for CA certificates.
Note For information about Public Key Infrastructure policies, see Understanding
Public Key Infrastructure Policies, page 9-78.
Navigation Path
Open the Site-to-Site VPN Manager Window, page B-2, select a topology in the
VPNs selector, then select PublicKey Infrastructure in the Policies selector.
Note Youcan also open the Public Key Infrastructure page from Policy view.For more
information, see Working with Site-to-Site VPN Policies, page9-55.
Aggressive Mode Available only in a hub-and-spoke VPN topology.
Select this negotiation method for exchanging key information, if
the IP address is not known and DNS resolution might not be
available on the devices. Negotiation is based on hostname and
domain name.
Note Ifdirect spoke to spoke tunneling is enabled, you cannot use
aggressive mode.
Save button Saves your changes to the server but keeps them private.
Note To publish your changes, click theSubmit button on the
toolbar.
Close button Closes the Site-to-Site VPN window.
Help button Opens help for this page.
TableB-19 Preshared Key Page (continued)
Element Description