Configuring the ssl vpn service – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

922

•

The RADIUS server is properly configured to provide normal authentication function for users. In this

example, you need to configure the shared key as expert, configure the user account and user
group information, and add users to user group user_gr2.

Configuring the SSL VPN service

1.

Configure a PKI entity named en:

a.

Select VPN > Certificate Management > Entity from the navigation tree.

b.

Click Add to add a PKI entity.

c.

Enter the PKI entity name en.

d.

Enter common name http-server for the entity.

e.

Click Apply.

Figure 984 Configuring a PKI entity named en

2.

Configure a PKI domain named sslvpn:

a.

Select VPN > Certificate Management > Domain from the navigation tree.

b.

Click Add to add a PKI domain.

c.

Enter the PKI domain name sslvpn and the CA identifier CA server.

d.

Select en as the local entity, and RA as the registration authority.

e.

Enter the certificate requesting URL http://10.2.1.1/certsrv/mscep/mscep.dll.

f.

Select Manual as the certificate request mode.

g.

Click Apply.
The system displays Fingerprint of the root certificate not specified. No root certificate
validation will occur. Continue?

h.

Click OK.