Configuration procedure, Configuring the ssl vpn service – H3C Technologies H3C MSR 50 User Manual

83

•

The RADIUS server is correctly configured to provide normal authentication function for users. In this

example, you need to configure the shared key as expert, configure the user account and user
group information, and add users to user group user_gr2.

Configuration procedure

Configuring the SSL VPN service

1.

Configure a PKI entity named en:

a.

Select Certificate Management > Entity from the navigation tree.

b.

Click Add to enter the PKI configuration page, as shown in

Figure 459

.

c.

Enter the PKI entity name en.

d.

Enter common name http-server for the entity.

e.

Click Apply.

Figure 459 Configuring a PKI entity named en

2.

Configure a PKI domain named sslvpn:

a.

Select Certificate Management > Domain from the navigation tree.

b.

Click Add.

c.

On the page that appears, as shown in

Figure 460

, enter the PKI domain name sslvpn, enter

the CA identifier CA server, select en as the local entity, select RA as the registration authority,
enter the certificate requesting URL http://10.2.1.1/certsrv/mscep/mscep.dll, select Manual

as the certificate request mode, and click Apply.
The system displays "Fingerprint of the root certificate not specified. No root certificate
validation will occur. Continue?"

d.

Click OK to continue.