13 - 124 WiNG 5.5 Access Point System Reference Guide
5. Review the following VPN peer security association statistics:
13.3.25 Certificates
Access Point Statistics
The
Secure Socket Layer
(SSL) protocol ensures secure transactions between Web servers and browsers. SSL uses a third-party
certificate authority to identify one (or both) ends of a transaction. A browser checks the certificate issued by the server before
establishing a connection.
This screen is partitioned into the following:
•
Trustpoints
•
RSA Keys
13.3.25.1 Trustpoints
Certificates
Each certificate is digitally signed by a trustpoint. The trustpoint signing the certificate can be a certificate authority, corporate
or individual. A trustpoint represents a CA/identity pair containing the identity of the CA, CA-specific configuration parameters
and an association with an enrolled identity certificate.
1. Select the
Statistics
menu from the Web UI.
2. Select
System
from the navigation pane (on the left-hand side of the screen). Expand a RF Domain and select one of its
connected access points
3. Select
Certificates
and expand the menu to reveal its sub menu items
.
4. Select
Trustpoints
.
Peer
Lists IP addresses for peers sharing
security associations
(SAs) for tunnel interoperability.
When a peer sees a sensitive packet, it creates a secure tunnel and sends the packet through
the tunnel to its destination.
Local IP Address
Displays each listed peer’s local tunnel end point IP address. This address represents an
alternative to an interface IP address.
Protocol
Lists the security protocol used with the VPN IPSec tunnel connection. SAs are unidirectional,
existing in each direction and established per security protocol. Options include
ESP
and
AH
.
State
Lists the state of each listed peer’s security association.
SPI In
Lists
stateful packet inspection
(SPI) status for incoming IPSec tunnel packets. SPI tracks each
connection traversing the IPSec VPN tunnel and ensures they are valid.
SPI Out
Lists SPI status for outgoing IPSec tunnel packets. SPI tracks each connection traversing the
IPSec VPN tunnel and ensures they are valid.
Mode
Displays the IKE mode as either
Main
or
Aggressive
. IPSEC has two modes in IKEv1 for key
exchanges. Aggressive mode requires 3 messages be exchanged between the IPSEC peers to
setup the SA, Main requires 6 messages.
Clear All
Select the
Clear All
button to clear each peer of its current status and begin a new data
collection.
Refresh
Select the
Refresh
button to update the screen’s statistics counters to their latest values.
Summary of Contents for AP-7131 Series
Page 1: ...Motorola Solutions WiNG 5 5 ACCESS POINT SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 14: ...x WiNG 5 5 Access Point System Reference Guide ...
Page 22: ...8 WiNG 5 5 Access Point System Reference Guide ...
Page 26: ...1 4 WiNG 5 5 Access Point System Reference Guide ...
Page 74: ...3 36 WiNG 5 5 Access Point System Reference Guide ...
Page 428: ...6 2 WiNG 5 5 Access Point System Reference Guide Figure 6 1 Configuration Wireless menu ...
Page 528: ...6 102 WiNG 5 5 Access Point System Reference Guide ...
Page 610: ...8 40 WiNG 5 5 Access Point System Reference Guide ...
Page 615: ...Services Configuration 9 5 Figure 9 2 Captive Portal Policy screen Basic Configuration tab ...
Page 656: ...9 46 WiNG 5 5 Access Point System Reference Guide ...
Page 670: ...10 14 WiNG 5 5 Access Point System Reference Guide ...
Page 682: ...11 12 WiNG 5 5 Access Point System Reference Guide ...
Page 721: ...Operations 12 39 Figure 12 40 Certificate Management Import New Trustpoint screen ...
Page 738: ...12 56 WiNG 5 5 Access Point System Reference Guide ...
Page 890: ...A 2 WiNG 5 5 Access Point System Reference Guide ...
Page 952: ...B 62 WiNG 5 5 Access Point System Reference Guide ...
Page 953: ......