Nortel 4134 用户指南
172
IPsec VPN configuration
3
To specify the CA trustpoint from which the certificate was issued,
enter:
enter:
ca import <ca-name>
4
To manually import the responder certificate, enter:
responder-certificate
The system prompts you to enter the certificate.
—End—
Configuring LDAP parameters
Configure the LDAP server URL to retrieve the CRL (certificate revocation
list) from the directory database server. The LDAP client supports periodic
downloads of the CRL using the “next update” time as specified by the
CA in the CRL.
list) from the directory database server. The LDAP client supports periodic
downloads of the CRL using the “next update” time as specified by the
CA in the CRL.
If the LDAP server URL is not configured, the CRL is retrieved through
SCEP or using the manual (cut and paste) method.
SCEP or using the manual (cut and paste) method.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the CA trustpoint to configure, enter:
ca trustpoint <ca-name>
4
To configure the LDAP parameters, enter:
crl query <url-with-ldap://>
—End—
Table 89
Variable definitions
Variable definitions
Variable
Value
<url-with-ldap://>
Specifies a complete URL (with ldap://)
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.