Avaya 3.7 Manuel D’Utilisation

Up to eight certificates can be stored in a VSU. During IKE negotiation, a VSU sends a specified 
certificate to its target. Those other VSUs and clients are called targets. Likewise, the target that 
received a certificate must distribute its [unique] certificate to the sender to complete the 
exchange. The VSUs use the exchange to authenticate each other and to distribute their public 
keys. These additional certificates can be created then installed into a VSU. Each certificate is 
assigned a target (see 

 for additional information about 

making those assignments). A VSU only needs a single certificate to distribute its public-key to 
multiple VSUs, but additional certificates can be created for establishing secure connections 
with special targets. The process of getting a certificate for a specific VSU is illustrated in 

Explanation for 

1. An administrator uses VPNmanager Console to get a Certificate Request from a specific 

VSU.

2. The administrator sends the Certificate Request to a Public Key Infrastructure (PKI) 

System.

3. The PKI System sends a Signed Certificate to the administrator.

4. The administrator uses VPNmanager Console to install the Signed Certificate into the VSU.

Shown in 

 is the Policy Manager for My Certificates. Use it for generating certificate 

requests, installing signed certificates in a VSU, and for selecting which certificate the 
VPNmanager Console must be configured as the target.

Note: For this process to work, the 
security gateway must have already 
been configured with an IP address.

PKI

LAN

security 

WAN

VPNmanager Console

1

2

3

4