Page layout for certificate authentication
IKE Authentication: Certificate parameters
Chapter 3
Configuration via Local Pages
Remote ID (Filter) Type and Remote ID Filter:
The Remote ID Filter identifies the VPN client during the Phase 1 negotiation. This identity is used as a filter for VPN clients when they join the VPN. Its value must match the settings in the VPN client in order to successfully set up the IKE Security Association. The identity types supported in the SpeedTouch™ are listed in the table below.
Identity type | Keyword | Examples | |
|
|
| |
|
| 10.0.0.1 | |
IP address | addr | 0.0.0.0 (any address | |
|
| accepted) | |
|
|
| |
Fully qualified domain name | fqdn | sales.corporate.net | |
|
|
| |
User fully qualified domain | userfqdn | *@corporate.net | |
name | |||
|
| ||
|
|
| |
Distinguished name | dn | dc=corpor,uid=user | |
|
|
| |
Key identity | keyid | myid | |
|
|
| |
Any ID type accepted | any | - | |
|
|
|
A SpeedTouch™ VPN client identifies itself with a userfqdn in the form of a unique
If you encounter problems during the IKE negotiations, use the Debug > Logging page to verify that the Identity Type and Identity of VPN client and server correspond with each other.
When you click Use Certificate Authentication, the IKE Authentication area of the page is updated in the following way:
When you select Use Certificate Authentication, you have to fill out the Distinguished Name of the local and remote Certificates.
71 | |
|
