
Enabling Digital Certificates on the VPN 3002 – Cisco VPN 3002 User Manual


VPN 3002 Hardware Client Reference

OL-1893-01

Chapter 12 Administration

Certificate Management

Enabling Digital Certificates on the VPN 3002

Note

Before you enable digital certificates on the VPN 3002, you must obtain at least one CA and one
identity certificate. If you do not have a CA and an identity certificate installed on your VPN 3002,
follow the steps in the previous section (“Enrolling and Installing Digital Certificates”) before
beginning this section.

For the VPN 3002 to use the digital certificates you obtained, you must enable authentication using
digital certificates.

Step 1

Display the Configuration | System | Tunneling Protocols | IPSec screen. (See Figure 12-32.)

Figure 12-32 Configuration | System | Tunneling Protocols | IPSec Screen

Step 2

Check the Use Certificate check box.

Step 3

Select a Certificate Transmission option. If you want the VPN 3002 to send the peer the identity
certificate and all issuing certificates (including the root certificate and any subordinate CA certificates),
click Entire certificate chain. If you want to send the peer only the identity certificate, click Identity
certificate only.

Step 4

Click Apply. The Manager returns to the Configuration | System | Tunneling Protocols screen.

Step 5

Click the Save Needed icon.
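
The following added example (not part of the Cisco manual) models what the peer receives under each Certificate Transmission option in Step 3 and whether it can link the identity certificate to a root it already trusts. It assumes standard X.509 issuer/subject chaining on the peer, uses constructed certificate names, and performs no signature or validity checks.

```python
# Simplified model of certificate path building on the receiving peer.
# Names only: no signatures, dates, or revocation. All certificates below
# are constructed samples, not values from the manual.
from typing import NamedTuple, Optional

class Cert(NamedTuple):
    subject: str
    issuer: str

ROOT = Cert("CN=Example Root CA", "CN=Example Root CA")
SUB_CA = Cert("CN=Example Subordinate CA", "CN=Example Root CA")
IDENTITY = Cert("CN=vpn3002-branch", "CN=Example Subordinate CA")

def certs_sent(option: str) -> list:
    """Certificates transmitted to the peer for each Step 3 option."""
    if option == "Entire certificate chain":
        return [IDENTITY, SUB_CA, ROOT]
    if option == "Identity certificate only":
        return [IDENTITY]
    raise ValueError(f"unknown option: {option}")

def build_path(received, trusted_roots, local_cas=()) -> Optional[list]:
    """Return the path identity -> ... -> trusted root, or None if the
    peer cannot find an issuer or never reaches a root it trusts."""
    anchors = {c.subject: c for c in trusted_roots}
    # Candidate issuers: certificates sent after the identity certificate,
    # plus subordinate CA certificates already installed on the peer.
    # A root is never trusted merely because the sender transmitted it.
    pool = {c.subject: c for c in list(received[1:]) + list(local_cas)}
    path = [received[0]]
    while True:
        cert = path[-1]
        if cert.issuer in anchors:
            path.append(anchors[cert.issuer])
            return path
        issuer = pool.get(cert.issuer)
        if issuer is None or issuer in path:  # missing link or untrusted root
            return None
        path.append(issuer)

if __name__ == "__main__":
    for option in ("Entire certificate chain", "Identity certificate only"):
        path = build_path(certs_sent(option), trusted_roots=[ROOT])
        print(option, "->", [c.subject for c in path] if path else "no path")
```

With only the root installed on the peer, the identity-only option leaves the subordinate CA link missing; it succeeds once the peer also holds the subordinate CA certificate locally.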