Using advanced features
242 Avaya VPNmanager Configuration Guide Release 3.7
When a VSU recognizes that an target wants to communicate, the VSU uses th e IKE Certifi cate
Usage list to determine which bundle to send to the target. The search always starts at the top
of the list, so it’s important to put the most frequently used bundles at the top of the list.
There can be cases when you have to make a general purpose bundle that applies to any type
of target. Always place that bundle at the bottom of the IKE Certificate Usage list.
Add (IKE Certificate Policy). This screen is used to add a new IKE Certificate Pol icy t o the
IKE Usage Certificate list.
Bundle. Combo box listing bundle numbers 1 through 8. 0 is the VPNet factory default
bundle.
Memo. Use this area to record notes about this IKE Certificate policy.
Target. Type Identification of the remote tunnel endpoint. Used to determine which
certificate to present to the other side. Target Type may be:
IP Address
VPN
FQDN (Fully Qualified Domain Name)
email
Directory Name
Any (target endpoint)
Depending on the selection made, an appropriate field type appears to capture the
respective information for the target type.
Locate This IKE Certificate Policy. Allows you to specify the placement of the IKE
Certificate Policy in the IKE Certificate Usage list.
To assign a target for a certificate:
1. From the Device>Contents column, select the VSU containing the certificate needing a
target.
2. Click the Policies tab to bring it to the front.
3. From the drop-down list, select IKE Certificate Usage, then click GO to open the Policy
Manager for IKE Certificate Usage.
4. Click Add to open the Add IKE Certificate Policy.
5. From the Number drop-down list, select which VSU certificate you want to configure.
Note:
Note: A VSU can dynamically store up to eight certificates. To identify how many
certificates exist, click Cancel to return to the IKE Certificate Usage window , the n
from the Type of Policy drop-down list, select My Certificates.
6. In the Description text box, type in information about the target. If the target is a VSU,
typing in its name could be useful.