Netgear 05200007 Benutzerhandbuch
Reference Manual for the NETGEAR ProSafe VPN Client
5-10
Using the Security Policy Editor
202-10015-01
Configure My Identity
The remote party that you want to communicate securely with uses the information in My Identity
to verify that you really are who you indicate that you are. This is done with either a preshared key
that you and the remote party have or a certificate. This information also distinguishes you from
the remote party during the key exchange process.
to verify that you really are who you indicate that you are. This is done with either a preshared key
that you and the remote party have or a certificate. This information also distinguishes you from
the remote party during the key exchange process.
The ID types available for identifying yourself in My Identity come from the subject information
fields of the personal certificate request that you completed when you requested a personal
certificate from a CA.
fields of the personal certificate request that you completed when you requested a personal
certificate from a CA.
1.
In the Security Policy Editor, in the Network Security Policy list, expand the specific secure
connection .
connection .
2.
Click My Identity.
3.
If you are using preshared keys, go to Enter a preshared key.
4.
If you are using certificates:
a.
In the Select Certificate box, you can specify a personal certificate or let the client select
one:
one:
–
To select a particular personal certificate, click that certificate.
–
For the client to select a personal certificate automatically, click Select automatically
during IKE negotiation, the default for new security policies. This option facilitates
creating a policy.
during IKE negotiation, the default for new security policies. This option facilitates
creating a policy.
b.
In the ID Type box, click the information and format that identifies you to remote parties.
A box opens below the ID Type box with the particular subject information, in the ID type
you clicked, from the personal certificate that you selected in the Select Certificate box.
you clicked, from the personal certificate that you selected in the Select Certificate box.
If you selected Select automatically during IKE negotiation in the Select Certificate
box, the default ID type is Distinguished Name; each personal certificate contains this.
box, the default ID type is Distinguished Name; each personal certificate contains this.
Caution: The ID type is a search criterion that the client uses when automatically
selecting a certificate. This means that if it doesn't find a personal certificate with the ID
type selected, the connection attempt fails.
selecting a certificate. This means that if it doesn't find a personal certificate with the ID
type selected, the connection attempt fails.
5.
If the Port box is enabled, click the protocol port through which your computer will connect to
the other party. The default, All, secures all protocol ports. Selecting the exact protocol port
tightens your security policy.
the other party. The default, All, secures all protocol ports. Selecting the exact protocol port
tightens your security policy.
The port's standard numeric designation shows next to the Port box.