Identifying branch offices with certificates, IPsec authentication – Panasonic NN46110-600 User Manual


94 Chapter 3 Using certificates

Identifying branch offices with certificates

You use the Authentication section of the Profiles > Branch Office > Edit Connection window to configure the authentication between the local and remote branch office VPN Routers. The fields that appear in this window depend on whether you are using an IPsec, PPTP, or L2TP tunnel type.

Select the authentication method that you want to use for the branch office connection from the list.

Note: When you change the authentication type, the window immediately changes to reflect the requirements of the new authentication method. Any changes that you made on the Authentication part of the previous window are lost.

IPsec authentication

In the Authentication section, complete the following information:

1. Enter the pre-shared key as a text or hex string. This is an alphanumeric text or hexadecimal string used for authentication between the local and remote branches. For authentication to occur, you must use the same pre-shared string on both the local and remote branch offices.

2. Certificates are associated with each endpoint VPN Router and allow for mutual authentication between two connections. The Certificate section includes information about the remote branch office system, the authority that issued the certificate, and the certificate identification.

3. Remote Identity is the name of the remote peer initiating the tunnel connection. You can use either a subject distinguished name (subject DN) or a subject alternative name to uniquely identify the remote branch office system. Specifying both a full subject DN and a subject alternative name on this window allows the remote peer to use either identity form when making a connection.

4. Select a valid issuer CA from the certificate authority list. This CA is the issuer of the remote peer’s certificate or a higher-level CA in the remote peer’s certificate hierarchy. The CA must have the trusted flag set on the Certificates window. If a CA hierarchy is used, you must import all intermediary CAs below the trusted CA to the VPN Router. These certificate authorities are
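
The acceptance rules in steps 3 and 4 above can be modelled as follows. This is an added example, not code from the manual or from the VPN Router: it checks that the peer matches either configured identity form and that every CA between the peer certificate and the selected issuer CA has been imported, with the selected CA trusted. All names and sample certificates are constructed, and signature, validity-period and revocation checks are deliberately left out; comparing DN values without regard to case is an assumption.

```python
import re

def norm_dn(dn):
    """Normalize a DN string: split on unescaped commas, lowercase types, fold values."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        rdns.append((attr.strip().lower(), " ".join(value.split()).casefold()))
    return tuple(rdns)

def identity_matches(cfg_dn, cfg_san, cert):
    """Step 3: either configured identity form may match the peer certificate."""
    if cfg_dn and norm_dn(cfg_dn) == norm_dn(cert["subject"]):
        return True
    return bool(cfg_san) and cfg_san.casefold() in (s.casefold() for s in cert["san"])

def chain_reaches(cert, issuer_ca, imported):
    """Step 4: follow issuer links from the peer up to the selected, trusted issuer CA."""
    target = norm_dn(issuer_ca)
    store = {norm_dn(c["subject"]): c for c in imported}
    current, seen = norm_dn(cert["issuer"]), set()
    while current not in seen:
        seen.add(current)
        ca = store.get(current)
        if ca is None:
            return False  # an intermediary CA was not imported
        if current == target:
            return ca["trusted"]  # selected CA must carry the trusted flag
        if norm_dn(ca["issuer"]) == current:
            return False  # hit a self-signed root that is not the selected CA
        current = norm_dn(ca["issuer"])
    return False  # issuer links form a loop

def accept_peer(cfg, cert, imported):
    return (identity_matches(cfg["dn"], cfg["san"], cert)
            and chain_reaches(cert, cfg["issuer_ca"], imported))

# Constructed sample data (hypothetical names, modelled as plain dicts).
ROOT = {"subject": "CN=Example Root CA,O=Example", "issuer": "CN=Example Root CA,O=Example", "trusted": True}
INTER = {"subject": "CN=Branch Issuing CA,O=Example", "issuer": "CN=Example Root CA,O=Example", "trusted": False}
PEER = {"subject": "CN=branch2, OU=VPN, O=Example", "issuer": "CN=Branch Issuing CA,O=Example",
        "san": ["branch2.example.test"]}
CFG = {"dn": "cn=branch2,ou=VPN,o=example", "san": "branch2.example.test",
       "issuer_ca": "CN=Example Root CA,O=Example"}

if __name__ == "__main__":
    print(accept_peer(CFG, PEER, [ROOT, INTER]))  # full hierarchy imported
    print(accept_peer(CFG, PEER, [ROOT]))         # intermediary CA missing
```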
