Manuals / Brands / Computer Equipment / Network Router / Secure Computing / Computer Equipment / Network Router

Secure Computing SafeNet, Sidewinder Version 5.1.0.02, Soft-PK Version 5.1.3 Build 4 Managing CA- based certificates

1 80

Download 80 pages, 1001.45 Kb

Managing CA-based certificates

Configuring Sidewinder for Soft-PK Clients 3-9

Managing CA-

based certificates If you are using a CA to authorize certificates, use the following

procedures to define the CA, request the firewall and CA certificates,

and define the remote identities of each client within Sidewinder

(needed later when setting up your VPN connections).

Defining a CA to use and obtaining the CA root cert

To request a CA certificate for Sidewinder, do the following from

Cobra.

1. Select Services Configuration -> Certificate Management and click the

Certificates Authorities tab. Click New.

Figure 3-5.

Create New Certificate

Authority window

2. In the New Certificate Authority window, specify the name, type, and

location of the CA.

3. Click Add, then click Close.

4. Click Get CA Cert to request the CA certificate and import it to the

firewall

5. Click Get CRL to manually retrieve a new Certificate Revocation List (CRL)

from the CA.

Contents

Main Page i Copyright Notice Trademarks Secure Computing Corporation Software License Agreement ii Technical Support Information Comments? Printing History T ABLE OF C Preface: About this Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . .v Chapter 1: Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Chapter 2: Planning Your VPN Config uration. . . . . . . . . . 2-1 Chapter 3: Configuring Sidewinder for Soft-PK Clients . 3-1 Chapter 4: Installing and Working with Soft-PK . . . . . . . .4-1 Chapter 5: Deploying Soft-PK to Your End Users . . . . . . 5-1 Appendix A: Troubleshooting . . . . . . . . . . . . . . . . . . . . . . A-1 P P this guide? About this Guide Who should read P How this guide is organized Where to find additional information Page CHAPTER 1 Getting Started About Soft-PK & Sidewinder VPNs Requirements Sidewinder and other network requirements Soft-PK requirements Roadmap to deploying your VPNs Page Page Page Page Page CHAPTER 2 Planning Your VPN Configuration Identifying basic VPN connection needs Identifying authentication requirements Using digital certificate authentication Understanding pre-shared key authentication Extended authentication Determining where you will terminate your VPNs More about virtual burbs and VPNs Defining a virtual burb Understanding Sidewinder client address pools CHAPTER 3 Configuring Sidewinder for Soft-PK Clients Enabling the VPN servers Configuring ACL & proxies entries for VPN connections Managing Sidewinder self- signed certs Creating & exporting a firewall certificate Page Creating & exporting remote certificate(s) Page Page Managing CA- based certificates Defining a CA to use and obtaining the CA root cert Requesting a certificate for the firewall information must be entered into each Soft-PK client. Determining identifying information for client certificates Defining remote client identities in Sidewinder Page Configuring the VPN on the Sidewinder Page appropriate for your configuration. self-signed certificate options. specify the following CA certificate options. Page Page CHAPTER 4 Installing and Working with Soft-PK Soft-PK installation notes Starting Soft-PK Determining Soft-PK status from icon variations Activating/Deactivating Soft-PK About the Soft-PK program options Managing certificates on Setting up Sidewinder self-signed certificates Setting up CA-based certifi cates Requesting a personal certificate from a CA on users behalf Importing certificate in Soft-PK Page Page Page Configuring a security policy on the Soft-PK Page Page Page CHAPTER 5 Deploying Soft-PK to Your End Users Overview Customizing the user worksheet Specifying dial-up network instructions Specifying installation instructions Specifying certificate import/request instruction s Specifying security policy instructions Specifying basic connection information A APPENDIX A Troubleshooting Soft-PK Log Viewer A Soft-PK Connectio n Monitor More about the Connection Monitor To view the details Sidewinder troubleshooting commands