Cisco Cisco Packet Data Gateway (PDG)
certificate-selection
Configures the PDG/TTG to select the trusted certificate (and the private key for calculating the AUTH
payload) to be included in the first IKE_AUTH message from the PDG/TTG based on the APN (Access Point
Name). The selected certificate is associated with the APN included in the IDr payload of the first IKE_AUTH
message from the UE.
payload) to be included in the first IKE_AUTH message from the PDG/TTG based on the APN (Access Point
Name). The selected certificate is associated with the APN included in the IDr payload of the first IKE_AUTH
message from the UE.
Product
PDG/TTG
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > PDG Service Configuration
configure > context context_name > pdg-service service_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-pdg-service)#
Syntax Description
[ no ] certificate-selection apn-based
default certificate-selection
default certificate-selection
certificate-selection apn-based
Selects a trusted certificate for the first IKE-AUTH message based on the APN.
no certificate-selection
Disables APN-based certificate selection and resumes sending a certificate bound to a crypto template.
default certificate-selection
Sets the default certificate selection method to a certificate bound to a crypto template.
Usage Guidelines
Configures the PDG/TTG to select the trusted certificate to be included in the first IKE_AUTH message based
on the APN.
on the APN.
Examples
Use the following example to enable APN-based certificate selection:
certificate-selection apn-based
certificate-selection apn-based
Command Line Interface Reference, Modes I - Q, StarOS Release 19
1513
PDG Service Configuration Mode Commands
certificate-selection