Roadmap to deploying your VPNs
❒ISAKMP ACL entry: At a minimum, you must define and enable an ACL entry that allows ISAKMP traffic from the Internet to the Internet burb on Sidewinder (external IP address of Sidewinder).
❒Other ACL entries: Depending on where you terminate your VPN connections on Sidewinder (e.g., in a virtual burb), you may need to create ACL entries to allow traffic between burbs.
❒Proxies: Depending on where you terminate your VPN connections on Sidewinder (e.g., in a virtual burb), you may need to enable proxies to allow traffic between burbs.
4 — Create/Request the digital certificates
If using Sidewinder
❒Use Cobra to create and export a firewall certificate. See "Creating & exporting a firewall certificate" on page
❒Use Cobra to create and export remote certificates for each end user. See "Creating & exporting remote certificate(s)" on page
❒Use a
If using a CA
❒Use Cobra to define a CA and obtain the CA root certificate and export it for sending to client(s). See "Defining a CA to use and obtaining the CA root cert" on page
❒Use Cobra to request a certificate for the firewall from the CA. See "Requesting a certificate for the firewall" on page
❒Determine the identifying information (e.g., Distinguished Name settings) your clients will use in their personal certificates. See "Determining identifying information for client certificates" on page
❒Use Cobra to specify the client certificate identity information to within Sidewinder. See "Defining remote client identities in Sidewinder" on page
If using pre-shared keys (passwords):
❒Use Cobra to specify the client identity information to within Sidewinder. See "Managing
More...
Getting Started
