9-38
User Guide for Resource Manager Essentials 4.1
OL-11714-01
Chapter 9 Making and Deploying Configuration Changes Using NetConfig
Using System-defined Tasks
For each device category, click on Applicable Devices to view the devices in your selection, to which
this task applies.
IOS Devices with VPN Images
You can determine VPN images from the naming convention used for IOS images. The naming
convention follows xxxx-yyyy-ww format.
Where, xxxx represents platform, yyyy represents features and ww represents format. If the middle value
(yyyy) contains, the numeric 56 or Kn, where n is a number between 1 and 9, then this is a VPN image.
For example, C7100-IS56I-M is a VPN image, since it contains the number 56.
Crypto Map Task
You can use the Crypto Map Server system-define task to configure IPSec on devices.
LDAP Server Enter the LDAP server of the CA, if your CA system
provides an RA.
LDAP server contains the location of CRLs (certification
revocation lists) and certificates.
Enrollment Retry
Period
Minutes [1- 60] Enter the wait period between certification request retries.
The wait period is between 1 to 60.
Set to Default Select this option to set the default wait period to 1 minute.
Enrollment Retry
Count
Number [1- 100] Enter the certification request retry number.
The retry number must be between 1 and 100.
Set to Default Select this option to set the default retry period to 1 minute.
CRL Optional Action Select Enable to bypass the Certificate Revocation List.
If you select Disable, Certificate Revocation list is checked.
Certificate Query Action Select an option to enable, disable or make no change to
certificate query.
• If you select Enable, certificate query will be added to
all trust points on the router.
• If you select Disable, the certificate will not be queried.
RSA Key pairs Action Select an option to generate, delete or make no change to the
RSA key pairs. This feature allows you to configure a Cisco
IOS router to have multiple key pairs.
Thus, the Cisco IOS software can maintain a different key
pair for each identity certificate.
Key Type Specify the key type:
• General Purpose—To generate a general purpose key
pair that is used for both encryption and signature.
• Usage—To generate separate usage key pairs for
encrypting and signing documents.
Group Sub-Group Field Description