Netgear FVS318 FVS318v3 Reference Manual - Page 115
scenario2a, Set up Certificate Revocation List CRL checking., Browse, Upload
UPC - 606449023381
View all Netgear FVS318 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
Reference Manual for the ProSafe VPN Firewall FVS318v3 b. Create a new VPN Auto Policy called scenario2a with all the same properties as scenario1a except that it uses the IKE policy called Scenario_2. Now, the traffic from devices within the range of the LAN subnet addresses on FVS318v3 A and Gateway B will be authenticated using the certificates rather than via a shared key. 8. Set up Certificate Revocation List (CRL) checking. a. Get a copy of the CRL from the CA and save it as a text file. Note: The procedure for obtaining a CRL differs from a CA like Verisign and a CA such as a Windows 2000 certificate server, which an organization operates for providing certificates for its members. Follow the procedures of your CA. b. From the main menu VPN section, click the CRL link. c. Click Add to add a CRL. d. Click Browse to locate the CRL file. e. Click Upload. Now expired or revoked certificates will not be allowed to use the VPN tunnels managed by IKE policies which use this CA. Note: You must update the CRLs regularly in order to maintain the validity of the certificate-based VPN policies. Advanced Virtual Private Networking January 2005 6-27