Cisco Cisco ASR 5000
PDG Service Configuration Mode Commands
▀ certificate-selection
▄ Command Line Interface Reference, StarOS Release 18
7898
certificate-selection
Configures the PDG/TTG to select the trusted certificate (and the private key for calculating the AUTH payload) to be
included in the first IKE_AUTH message from the PDG/TTG based on the APN (Access Point Name). The selected
certificate is associated with the APN included in the IDr payload of the first IKE_AUTH message from the UE.
included in the first IKE_AUTH message from the PDG/TTG based on the APN (Access Point Name). The selected
certificate is associated with the APN included in the IDr payload of the first IKE_AUTH message from the UE.
Product
PDG/TTG
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > PDG Service Configuration
configure > context context_name > pdg-service service_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-pdg-service)#
Syntax
[ no ] certificate-selection apn-based
default certificate-selection
certificate-selection apn-based
Selects a trusted certificate for the first IKE-AUTH message based on the APN.
no certificate-selection
Disables APN-based certificate selection and resumes sending a certificate bound to a crypto template.
default certificate-selection
Sets the default certificate selection method to a certificate bound to a crypto template.
Usage
Configures the PDG/TTG to select the trusted certificate to be included in the first IKE_AUTH message
based on the APN.
based on the APN.
Example
Use the following example to enable APN-based certificate selection:
certificate-selection apn-based