1 select system > certificates – Panasonic NN46110-600 User Manual

88 Chapter 3 Using certificates

•

CRL Checking Mandatory determines if a CRL must be present when an
IPsec tunnel is established to a particular CA. If this is selected, the VPN

Router must have a CRL present for tunnel connections to be successful. If
this is not selected, the VPN Router allows certificate authenticated tunnels

when no CRL is present.

•

CRL Update Frequency allows you to enter a value in minutes to represent the
frequency the VPN Router queries the CA’s LDAP server for a newly

published CRL. The default value of 0 indicates that this VPN Router does

not update any CRLs. This option is useful when more than one VPN Router

shares an LDAP database, but you want only one VPN Router to actually

perform the update operation. To minimize the load on an external LDAP

server, make sure that only one or two VPN Routers are updating a shared

CRL entry in a multiple-VPN Router, shared external LDAP environment.

•

CRL System Status is read-only and is automatically updated by the VPN

Router to reflect the CRL updating activity.

•

CRL Retrieval Scheduling allows you to configure the time and day that a
CRL request is sent to the CRL Server.

Configuring CRL Retrieval Scheduling

To configure CRL Retrieval Scheduling:

1

Select

System > Certificates

.

The System > Certificates window appears.

2

In the desired certificate row, click

details

.

The Certificate Details window appears.

3

To apply the

CRL Update Specific Time

, select the option box.

4

To select the days to apply the

CRL Update Specific Time

, select the desired

day options.

5

In the

Time

box, type the desired time.

6

To enable the CRL Update Specific Time, click

Update CRL Now

.

7

Click

OK

.

NN46110-600