Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2

Now, the traffic from devices within the range of the LAN subnet addresses on FWG114P v2 A and Gateway B will be authenticated using the certificates rather than via a shared key.

8.Set up Certificate Revocation List (CRL) checking.

a.Get a copy of the CRL from the CA and save it as a text file.

Note: The procedure for obtaining a CRL differs from a CA like Verisign and a CA, such as a Windows 2000 certificate server, which an organization operates for providing certificates for its members. Follow the procedures of your CA.

b.From the main menu VPN section, click on the CRL link.

c.Click Add to add a CRL.

d.Click Browse to locate the CRL file.

e.Click Upload.

Now expired or revoked certificates will not be allowed to use the VPN tunnels managed by IKE policies which use this CA.

Note: You must update the CRLs regularly in order to maintain the validity of the certificate-based VPN policies.

Virtual Private Networking

8-31

201-10301-02, May 2005

Page 143
Image 143
NETGEAR FWG114P v2 manual Set up Certificate Revocation List CRL checking