ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual

f. The “FVG318” certificate will display in the Active Self Certificates table and the pending “FVG318” Self Certificate Request will be deleted.

7. Associate the new certificate and the Trusted Root CA certificate on the FVG318.

a. Create a new IKE policy called Scenario_2 with all the same properties as Scenario_1, except now select the RSA Signature radio box instead of the Pre-shared key.

b. Create a new VPN Auto Policy called scenario2a with all the same properties as scenario1a except that it uses the IKE policy called Scenario_2.

Now, the traffic from devices within the range of the LAN subnet addresses on FVG318 A and Gateway B will be authenticated using the certificates rather than via a pre-shared key.

8. Set up Certificate Revocation List (CRL) checking.

a. Get a copy of the CRL from the CA and save it as a text file.

Note: The procedure for obtaining a CRL differs between a CA like Verisign and a CA such as a Windows 2000 certificate server, which an organization operates for providing certificates for its members. Follow the procedures of your CA.

b. Select VPN > Certificates from the main menu and scroll down to the Certificate Revocation Lists (CRL) section.

c. Click Browse to locate the CRL file.

d. Click Upload. The CRL will be uploaded to the Certificate Revocation Lists (CRL) table.

Now expired or revoked certificates will not be allowed to use the VPN tunnels managed by IKE policies which use this CA.

Note: You must update the CRLs regularly in order to maintain the validity of the certificate-based VPN policies.
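A pre-upload check for the CRL file from step 8, as an added example that is not part of the NETGEAR manual: it reads the thisUpdate and nextUpdate fields and the revoked serial numbers from a PEM or DER CRL so that a stale list is caught before it is uploaded. It does not verify the CRL signature; the function names and the sample CRL are constructed for illustration.

```python
import base64, re
from datetime import datetime, timezone

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def _time(tag, val):
    """Decode UTCTime (0x17) or GeneralizedTime (0x18) to an aware datetime."""
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.strptime(val.decode("ascii"), fmt).replace(tzinfo=timezone.utc)

def parse_crl(data):
    """Extract thisUpdate, nextUpdate and revoked serials from a PEM or DER CRL."""
    m = re.search(rb"-----BEGIN X509 CRL-----(.*?)-----END X509 CRL-----", data, re.S)
    der = base64.b64decode(m.group(1)) if m else data
    tbs = _tlv(_tlv(der, 0)[1], 0)[1]  # CertificateList -> TBSCertList
    fields, pos = [], 0
    while pos < len(tbs):
        tag, val, pos = _tlv(tbs, pos)
        fields.append((tag, val))
    if fields[0][0] == 0x02:  # optional version INTEGER
        fields.pop(0)
    this_update, rest = _time(*fields[2]), fields[3:]  # [0]=sig alg, [1]=issuer
    next_update = _time(*rest.pop(0)) if rest and rest[0][0] in (0x17, 0x18) else None
    serials, pos = [], 0
    revoked = rest[0][1] if rest and rest[0][0] == 0x30 else b""
    while pos < len(revoked):
        _, entry, pos = _tlv(revoked, pos)
        serials.append(int.from_bytes(_tlv(entry, 0)[1], "big"))
    return {"this_update": this_update, "next_update": next_update, "revoked": serials}

def crl_is_current(crl, now=None):
    """True only while now lies inside [thisUpdate, nextUpdate)."""
    now = now or datetime.now(timezone.utc)
    return crl["next_update"] is not None and crl["this_update"] <= now < crl["next_update"]

# Constructed sample CRL (DER, dummy signature): issuer CN=Test, serial 42 revoked.
_ALG = bytes.fromhex("300d06092a864886f70d01010b0500")  # sha256WithRSAEncryption
SAMPLE_CRL = (bytes.fromhex("306c3057020101") + _ALG
              + bytes.fromhex("300f310d300b0603550403") + b"\x0c\x04Test"
              + b"\x17\x0d250101000000Z" + b"\x17\x0d250201000000Z"
              + bytes.fromhex("30143012") + b"\x02\x01\x2a" + b"\x17\x0d241215000000Z"
              + _ALG + bytes.fromhex("03020000"))
```

Run `parse_crl` on the bytes of the file saved in step 8a and pass the result to `crl_is_current`; a `False` result means a newer CRL should be fetched from the CA before uploading.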

Advanced Virtual Private Networking

v1.0, September 2007

NETGEAR FVG318NA manual V1.0, September