Nortel 4134 用户指南
166
IPsec VPN configuration
—End—
Table 87
Variable definitions
Variable definitions
Variable
Value
url <url>
Specifies the SCEP server URL through which the
Certificate Authority can be accessed for submitting
certificate requests or retrieving the approved
certificates through SCEP.
Specify the complete URL (with http://), including the
cgi path and server port number, if any.
Certificate Authority can be accessed for submitting
certificate requests or retrieving the approved
certificates through SCEP.
Specify the complete URL (with http://), including the
cgi path and server port number, if any.
terminal
Specifies cut and paste mode for enrollment.
Configuring parameters for the certificate request
Configuring the certificate subject name
Specify the subject name that identifies the Secure Router in the certificate
request.
request.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the CA trustpoint to configure, enter:
ca trustpoint <ca-name>
4
To configure the subject name, enter:
subject-name "<subject-name>"
—End—
Configuring IP address as subjectAltName for the certificate
Specify the IP address as the subjectAltName to be used in the certificate
request. To clear the IP address from the configuration, use the no form
of the command.
request. To clear the IP address from the configuration, use the no form
of the command.
In addition to the subject name, the certificate can support a SubjectAltName
as an alternate means of identifying the router.
as an alternate means of identifying the router.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.