Policy Manager - My Certificates
Issue 4 May 2005
235
Up to eight certificates can be stored in a VSU. During IKE negotiation, a VSU sends a specified
certificate to its target. Those other VSUs and clients are called targets. Likewise, the target that
received a certificate must distribute its [unique] certificate to the sender to complete the
exchange. The VSUs use the exchange to authenticate each other and to distribute their public
keys. These additional certificates can be created then installed into a VSU. Each certificate is
assigned a target (see
IKE Certificate Usage on page 240
for additional information about
making those assignments). A VSU only needs a single certificate to distribute its public-key to
multiple VSUs, but additional certificates can be created for establishing secure connections
with special targets. The process of getting a certificate for a specific VSU is illustrated in
Figure 75
Figure 75: Installing a Signed Certificate into a VSU
Explanation for
Figure 75
:
1. An administrator uses VPNmanager Console to get a Certificate Request from a specific
VSU.
2. The administrator sends the Certificate Request to a Public Key Infrastructure (PKI)
System.
3. The PKI System sends a Signed Certificate to the administrator.
4. The administrator uses VPNmanager Console to install the Signed Certificate into the VSU.
Creating and Installing a Signed Certificate
Shown in
Figure 76
is the Policy Manager for My Certificates. Use it for generating certificate
requests, installing signed certificates in a VSU, and for selecting which certificate the
VPNmanager Console must be configured as the target.
Note: For this process to work, the
security gateway must have already
been configured with an IP address.
PKI
LAN
security
WAN
VPNmanager Console
1
2
3
4
Summary of Contents for 3.7
Page 1: ...VPNmanager Configuration Guide Release 3 7 670 100 600 Issue 4 May 2005...
Page 4: ......
Page 20: ...Preface 20 Avaya VPNmanager Configuration Guide Release 3 7...
Page 32: ...Overview of implementation 32 Avaya VPNmanager Configuration Guide Release 3 7...
Page 53: ...Preferences Issue 4 May 2005 53 Figure 16 Tunnel End Point Policy...
Page 54: ...Using VPNmanager 54 Avaya VPNmanager Configuration Guide Release 3 7...
Page 244: ...Using advanced features 244 Avaya VPNmanager Configuration Guide Release 3 7...
Page 292: ...Upgrading firmware and licenses 292 Avaya VPNmanager Configuration Guide Release 3 7...