Configuring device b – H3C Technologies H3C SecPath F1000-E User Manual
Page 315
303
Figure 206 Creating an IKE peer
Configuring Device B
The configuration for Device B is similar to that for Device A.
1.
Create a PKI entity:
a.
From the navigation tree, select VPN > Certificate Management > Entity.
b.
Click Add.
c.
Enter en as the PKI entity name, enter device-b as the common name, enter 3.3.3.1 as the IP
address of the entity, and click Apply.
2.
Create a PKI domain:
a.
From the navigation tree, select VPN > Certificate Management > Domain.
b.
Click Add.
The configuration page appears.
c.
In the upper area of the page, enter 1 as the PKI domain name, enter CA1 as the CA identifier,
select en for the local entity, select RA for the authority for certificate request, enter
http://2.1.1.100/certsrv/mscep/mscep.dll as the URL for certificate request, enter 2.1.1.102
as the IP address of the LDAP server, 389 as the port number, and 2 as the version number, and
select Manual for the certificate request mode.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS