D-Link DFL-1600 User Manual
will contain one ID with the type DN, distinguished name, as the primary identifier. Note that this example does
not illustrate how to add the specific IPsec tunnel object.
Command-Line Interface
First create an Identification List:
gw-world:/> add IDList MyIDList
Then, create an ID:
gw-world:/> cc IDList MyIDList
gw-world:/MyIDList> add ID JohnDoe Type=DistinguishedName
    CommonName="John Doe"
    OrganizationName=D-Link
    OrganizationalUnit=Support
    Country=Sweden
    EmailAddress=john.doe@D-Link.com
gw-world:/MyIDList> cc
Finally, apply the Identification List to the IPsec tunnel:
gw-world:/> set Interface IPsecTunnel MyIPsecTunnel
    AuthMethod=Certificate IDList=MyIDList
    RootCertificates=AdminCert
    GatewayCertificate=AdminCert
Web Interface
First create an Identification List:
1. Go to Objects > VPN Objects > ID List > Add > ID List
2. Enter a name for the list, for example MyIDList
3. Click OK
Then, create an ID:
1. Go to Objects > VPN Objects > IKE ID List > Add > ID List
2. Select MyIDList
3. Enter a name for the ID, for example JohnDoe
4. Select Distinguished name in the Type control
5. Now enter:
   • Common Name: John Doe
   • Organization Name: D-Link
   • Organizational Unit: Support
   • Country: Sweden
   • Email Address: john.doe@D-Link.com
6. Click OK
Finally, apply the Identification List to the IPsec tunnel:
1. Go to Interfaces > IPsec
2. Select the IPsec tunnel object of interest
3. Under the Authentication tab, choose X.509 Certificate
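A pre-flight check for the ID created above, added here as an example and not part of the D-Link manual: it parses a certificate subject string (the form printed by `openssl x509 -noout -subject -nameopt RFC2253`), reports ID fields that differ from the certificate, and builds the `add ID` line from the certificate's own values. It assumes that each field set on the ID must equal the certificate's value exactly; the sample subject, `FIELD_MAP` and the function names are constructed for illustration.

```python
import re

# Subject attribute -> ID parameter name used in the CLI example on this page.
FIELD_MAP = {"CN": "CommonName", "O": "OrganizationName",
             "OU": "OrganizationalUnit", "C": "Country",
             "emailAddress": "EmailAddress"}

def parse_subject(subject):
    """Parse an RFC 4514-style subject string into {ID parameter: value}."""
    # Backslash escapes such as '\,' are handled; hex pairs and '+' RDNs are not.
    subject = subject.strip()
    if subject.startswith("subject="):
        subject = subject[len("subject="):]
    fields = {}
    for rdn in re.findall(r"(?:\\.|[^,\\])+", subject):  # split on unescaped commas
        key, _, value = rdn.strip().partition("=")
        if key in FIELD_MAP:  # first occurrence of an attribute wins
            fields.setdefault(FIELD_MAP[key], re.sub(r"\\(.)", r"\1", value))
    return fields

def mismatches(configured, subject):
    """Return {parameter: (configured, in_certificate)} for fields that differ."""
    # Assumption: a field set on the ID must equal the certificate value exactly.
    cert = parse_subject(subject)
    return {k: (v, cert.get(k)) for k, v in configured.items() if cert.get(k) != v}

def add_id_command(name, subject):
    """Build the 'add ID' line from the certificate instead of retyping values."""
    fields = parse_subject(subject)
    parts = []
    for param in (p for p in FIELD_MAP.values() if p in fields):
        value = fields[param]
        if '"' in value:  # the page does not show how the CLI escapes quotes
            raise ValueError(f"cannot quote {param} safely: {value!r}")
        parts.append(f'{param}="{value}"' if " " in value else f"{param}={value}")
    return f"add ID {name} Type=DistinguishedName " + " ".join(parts)

# Constructed sample subject; X.509 countryName holds a two-letter code.
SAMPLE = "subject=emailAddress=john.doe@D-Link.com,CN=John Doe,OU=Support,O=D-Link,C=SE"
# Values as typed in the CLI example on this page.
CONFIGURED = {"CommonName": "John Doe", "OrganizationName": "D-Link",
              "OrganizationalUnit": "Support", "Country": "Sweden",
              "EmailAddress": "john.doe@D-Link.com"}

if __name__ == "__main__":
    print(mismatches(CONFIGURED, SAMPLE))
    print(add_id_command("JohnDoe", SAMPLE))
```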
9.3.8. Identification Lists
Chapter 9. VPN